Implementing security on the chip level

Tag: security , embedded , theory , microchip Author: jhkghjfghfghgfkyutu Date: 2010-08-07

With Intel's recent purchase of a well-known security company, I'm starting to think about what software would/could be more secure on a chip level. Examples I've come up with are:

  • Random number generation
  • Encryption
  • Memory protection

But is hardware-level security any more secure than software-based security? (I would assume garbage in, garbage out no matter what level you operate at.) What are the design considerations for embedded security? What are the limitations? Finally, do you have any good resources for learning more about the topic?

Best Answer

Actually, Intel has already implemented a lot of hardware-based security technologies (chip and chipset).

Some relevant technologies are:

In general, hardware-based security is more secure, because it is virtually impossible to 'go under' your code (tweak it at a lower level).

Other Answer1

Hardware-level security can only solve some security problems. For instance, NX zones make buffer overflows more difficult to exploit (but not impossible: return-to-libc). The CPU architecture you are using isn't going to affect more common vulnerabilities like SQL injection, and I don't think it can. There can also be vulnerabilities in hardware, for instance this vulnerability in Intel CPUs.

Intel wants to make their current products more secure. Intel also has a lot of money in savings and they might be looking at this recent purchase as an investment in a growing field.

Other Answer2

Here is the primary Wikipedia topic on Trusted Computing.

Other Answer3

This thread is a little old, but you can also read about the Intel Secure Key technology (random number generation) that is built into Intel processors (starting with 2012-generation processors). The implementation guide goes into detail about what makes it more secure than a software-based implementation.
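As an added illustration of the answer above (this is example code written for this page, not code from the thread or from Intel), the following shows the two things a program actually has to do to use Intel Secure Key: probe CPUID for the RDRAND feature bit before touching the instruction, and check the carry flag on every RDRAND, retrying a bounded number of times when the DRNG reports that no value was ready (Intel's implementation guide recommends up to 10 retries). It assumes GCC or Clang on x86/x86-64; on any other target the probe reports "unsupported" and the fill routine fails rather than quietly substituting a software generator. The function names `rdrand_supported`, `rdrand_fill` and `rdrand_selftest` are this example's own.

```c
/*
 * Added example (not from the original thread): probing for Intel Secure Key
 * (the RDRAND instruction) via CPUID and pulling random bytes from it with the
 * carry-flag check and bounded retry that Intel's DRNG guide calls for.
 * Assumes GCC or Clang on x86/x86-64. Function names are this example's own.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if (defined(__x86_64__) || defined(__i386__)) && defined(__GNUC__)
#include <cpuid.h>      /* __get_cpuid() */
#include <immintrin.h>  /* _rdrand32_step() */
#define HAVE_X86_RDRAND_INTRINSICS 1
#endif

/* CPUID.01H:ECX bit 30 advertises RDRAND. */
#define CPUID1_ECX_RDRAND (1u << 30)

/* Intel's DRNG implementation guide: if RDRAND clears CF (no random value
 * was ready), retry up to 10 times before treating the hardware as failed. */
#define RDRAND_RETRIES 10

/* Returns 1 if this CPU advertises RDRAND, 0 otherwise (including non-x86). */
int rdrand_supported(void)
{
#ifdef HAVE_X86_RDRAND_INTRINSICS
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return (ecx & CPUID1_ECX_RDRAND) != 0;
#else
    return 0;
#endif
}

#ifdef HAVE_X86_RDRAND_INTRINSICS
/* The target attribute lets this compile without -mrdrnd on the command line.
 * Only call it after rdrand_supported() returned 1, or the CPU will #UD. */
__attribute__((target("rdrnd")))
static int rdrand32_retry(uint32_t *out)
{
    for (int i = 0; i < RDRAND_RETRIES; i++) {
        if (_rdrand32_step(out))   /* returns 1 when CF=1: *out is valid */
            return 1;
    }
    return 0;                      /* DRNG kept failing: do not use *out */
}
#endif

/* Fills buf with len bytes from RDRAND. Returns 0 on success, -1 if RDRAND is
 * unavailable or kept failing; on -1 the caller must not use buf. */
int rdrand_fill(uint8_t *buf, size_t len)
{
#ifdef HAVE_X86_RDRAND_INTRINSICS
    if (!rdrand_supported())
        return -1;
    while (len > 0) {
        uint32_t r;
        if (!rdrand32_retry(&r))
            return -1;
        size_t n = len < sizeof r ? len : sizeof r;
        memcpy(buf, &r, n);
        buf += n;
        len -= n;
    }
    return 0;
#else
    (void)buf;
    (void)len;
    return -1;
#endif
}

/* Contract check: a CPU that advertises RDRAND must deliver bytes, and one
 * that does not must be refused. Returns 1 when the routines behave that way. */
int rdrand_selftest(void)
{
    uint8_t buf[16] = {0};
    int rc = rdrand_fill(buf, sizeof buf);
    if (!rdrand_supported())
        return rc == -1;
    if (rc != 0)
        return 0;   /* advertised but failing: treat as broken hardware */
    /* 128 fresh bits being all zero is astronomically unlikely. */
    for (size_t i = 0; i < sizeof buf; i++)
        if (buf[i] != 0)
            return 1;
    return 0;
}

int main(void)
{
    uint8_t key[16];
    if (!rdrand_supported()) {
        puts("RDRAND not advertised by CPUID; use the OS CSPRNG instead");
        return 1;
    }
    if (rdrand_fill(key, sizeof key) != 0) {
        puts("RDRAND kept failing; discarding buffer");
        return 1;
    }
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```

Two practical points follow from the code. First, the carry-flag check is not optional: without it a program would happily consume whatever stale value was in the destination register when the DRNG had nothing ready. Second, even on a CPU that supports RDRAND, production code normally feeds its output into the operating system's CSPRNG (as the Linux kernel does) rather than trusting it as the sole source, so that a fault or backdoor in one generator does not determine the key material on its own.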