Cryptology ePrint Archive: Report 2016/1193

Superscalar Encrypted RISC: Measure of a Secret Computer

Peter T. Breuer and Jonathan P. Bowen

Abstract: It suffices to change the arithmetic embedded in a processor in order to cause data to remain in encrypted form throughout. The theory has been embodied in a prototype design for a superscalar pipelined general purpose processor that `works encrypted', a new approach to encrypted computation.

The prototype runs encrypted machine code on encrypted data in registers and memory and on buses. The aim is to protect user data against the operator, and so-called `Iago' attacks in general, for those computing paradigms that entail trust in data-oriented computation in remote locations, overseen by untrusted operators, or embedded unattended.

The architecture is 32-bit OpenRISC, admitting any block cipher compatible with the physical word size chosen for implementation. We are reporting performance from cycle-accurate behavioural simulations of the design running AES-128 (symmetric, keyed; the US Advanced Encryption Standard) and Paillier-72 (asymmetric, additively homomorphic, no key in-processor) encryptions in a 128-bit word, and RC2-64 encryption (symmetric, keyed) in a 64-bit word.

Category / Keywords: applications / Encrypted Computation, Computer Architecture

Date: received 31 Dec 2016, last revised 4 May 2017

Contact author: Peter T Breuer at gmail com

Available format(s): PDF | BibTeX Citation

Note: Update for resubmission.

Version: 20170504:062554 (All versions of this report)

Short URL: ia.cr/2016/1193

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]