Abstract—Most security mechanisms proposed to date unquestioningly place trust in microprocessor hardware. This trust, however, is misplaced and dangerous because microprocessors are vulnerable to insider attacks that can catastrophically compromise security, integrity and privacy of computer systems. In this paper, we describe several methods to strengthen the fundamental assumption about trust in microprocessors. By employing practical, lightweight attack detectors within a microprocessor, we show that it is possible to protect against malicious logic embedded in microprocessor hardware. We propose and evaluate two area-efficient hardware methods — TRUSTNET and DATAWATCH — that detect attacks on microprocessor hardware by knowledgeable, malicious insiders. Our mechanisms leverage the fact that multiple components within a microprocessor (e.g., fetch, decode pipeline stage etc.) must necessarily coordinate and communicate to execute even simple instructions, and that any attack on a microprocessor must cause erroneous communications between microarchitectural subcomponents used to build a processor. A key aspect of our solution is that TRUSTNET and DATAWATCH are themselves highly resilient to corruption. We demonstrate that under realistic assumptions, our solutions can protect pipelines and on-chip cache hierarchies at negligible area cost and with no performance impact. Combining TRUSTNET and DATAWATCH with prior work on fault detection has the potential to provide complete coverage against a large class of microprocessor attacks. 1 Index Terms—hardware security, backdoors, microprocessors, security based on causal structure and division of work.

degree from The University of Alabama in Huntsville, I agree that the Library of this University shall make it freely available for inspection. I further agree that permission for extensive copying for scholarly purposes may be granted by my advisor or, in his/her absence, by the Chair of the Department or the Dean of the School of Graduate Studies. It is also understood that due recognition shall be given to me and to The University of Alabama in Huntsville in any scholarly use which may be made of any material in this dissertation.

Recently, cryptanalysts have found collisions on the MD4, MD5, and SHA-0 algorithms; moreover, a method for finding SHA1 collisions with less than the expected calculus complexity has been published. The NIST [1] has thus decided to develop a new hash algorithm, so called SHA-3, which will be developed through a public competition [3]. From the set of accepted proposals for the further steps of the competition, we have decided to explore the design of an efficient parallel algorithm for the Skein [12] hash function family. The main reason for designing such an algorithm is to obtain optimal performances when dealing with critical applications which require efficiently tuned implementations on multi-core target processors. This preliminary work presents one of the first parallel implementation and associated performance evaluation of Skein available in the literature. To parallelize Skein we have used the tree hash mode in which we create one virtual thread for each node of the tree.