Doctor of Philosophy
CSHIA
My PhD work is about a computer architecture that provides code and data integrity and authenticity. Computer Security by Hardware-Intrinsic Authentication (CSHIA, for short) can be seen as an armor for processors. We provide complementary protection for processor that does not need to be aware about the CSHIA. Thus, no cost for redesigning instruction set or modifying software.The main difference between CSHIA and previous solutions on code and data integrity comes from the tight link between its authentication tag scheme and the phyical processor itself. This link is created by using Physical Unclonable Functions (PUFs) to generate a unique cryptographic key that authenticates the code and data. As PUFs are designed to be unique to every processor, a hacked code of an instance of CSHIA cannot used in another instance. In addition, recovering a key from any instance of CSHIA means to break PUF's security properties, which can be really difficult when well designed (more on this later).
Currently, we have been developing a VHDL implementation for CSHIA (more here: CSHIA page). This implemenation is a joint effort from Augusto Fernandes and I. The implementation is based on Gailser's Leon3. We now have a code patch that inserts our code and modifies Gailser's implementation to transform Leon on CSHIA. Unfortunetaly, our patch will only work for Altera designs. In the future, we intend to extend our patch to Xilinx boards as well.
My thesis can be found here: Thesis.