Lightweight, High-Performance CPU Extension for Protected Key Handles with CPU-Enforced Usage (CISPA, Ruhr Univ. Bochum)


A new technical paper titled "KeyVisor -- A Lightweight ISA Extension for Protected Key Handles with CPU-enforced Usage Policies" was published by researchers at CISPA Helmholtz Center for Information Security and Ruhr University Bochum. Abstract "The confidentiality of cryptographic keys is essential for the security of protection schemes used for communication, file encryption, and outsou... » read more

Private Delegated Computations Using Strong Isolation


Computations are now routinely delegated to third-parties. In response, Confidential Computing technologies are being added to microprocessors offering a trusted execution environment (TEE) that provides confidentiality and integrity guarantees to code and data hosted within—even in the face of a privileged attacker. TEEs, along with an attestation protocol, permit remote third-parties to est... » read more

Hardware-Based Confidential Computing (NIST)


NIST has published a draft report, titled “Hardware Enabled Security: Hardware-Based Confidential Computing,” which presents an approach for managing machine identities for protection against malware and other security vulnerabilities. Comments are due April 10, 2023. Abstract "Organizations employ a growing volume of machine identities, often numbering in the thousands or millions per ... » read more

Side-Channel Attacks Via Cache On the RISC-V Processor Configuration


A technical paper titled "A cross-process Spectre attack via cache on RISC-V processor with trusted execution environment" was published by researchers at University of Electro-Communication, Academy of Cryptography Techniques, Technology Research Association of Secure IoT Edge Application based on RISC-V Open Architecture (TRASIO), and AIST. "This work proposed a cross-process exploitation ... » read more

HW-Enabled Security Techniques To Improve Platform Security And Data Protection For Cloud Data Centers And Edge Computing (NIST)


A technical paper titled "Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases" was published by NIST, Intel, AMD, Arm, IBM, Cisco and Scarfone Cybersecurity. Abstract: "In today’s cloud data centers and edge computing, attack surfaces have shifted and, in some cases, significantly increased. At the same time, hacking has becom... » read more

AI/ML Workloads Need Extra Security


The need for security is pervading all electronic systems. But given the growth in data-center machine-learning computing, which deals with extremely valuable data, some companies are paying particular attention to handling that data securely. All of the usual data-center security solutions must be brought to bear, but extra effort is needed to ensure that models and data sets are protected ... » read more

HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment


Summary "To ensure secure and trustworthy execution of applications, vendors frequently embed trusted execution environments into their systems. Here, applications are protected from adversaries, including a malicious operating system. TEEs are usually built by integrating protection mechanisms directly into the processor or by using dedicated external secure elements. However, both of these... » read more

Isolate Security-Critical Applications On Zynq UltraScale+ Device


Implementing a TEE on the Zynq UltraScale+ platform (RFSoCs and MPSoCs) greatly reduces the attack surface of security-critical applications. Explore this white paper to find out • What a TEE is • How the requirements for a TEE are easily met on the Zynq UltraScale+ platform • Why a TEE is needed, even if hypervisors are used • An example architecture of Prove & Run’s Proven... » read more

Security Verification For Processor-Based SoCs


By Ruud Derwig and Nicole Fern Security in modern systems is of utmost importance. Device manufacturers are including multiple security features and attack protections into both the hardware and software design. End-product system security, however, cannot be guaranteed by using a secure processor alone. The final product security results not only from using proven, secure hardware component... » read more

Five Ways To Avoid Being The Next IoT Security Headline


Whether it is the remote hacking of cars or the rise of the IoT botnet we have all read the scary headlines: security for the IoT is a growing issue. But how exactly do you stop your company and your product appearing on the front page, as part of the latest security violation story? Security in IoT is more than just the processor, it requires an approach that protects the entire system and all... » read more