Design and Implementation of the Ascend Secure Processor

Ling Ren, Christopher Wardlaw Fletcher, Albert Kwon, Marten Van Dijk, Srinivas Devadas

Research output: Contribution to journalArticlepeer-review

Abstract

This paper presents post-silicon results for the Ascend secure processor, taped out in a 32 nm SOI process. Ascend prevents information leakage over a processor's digital I/O pins-in particular, the processor's requests to external memory-and certifies the program's execution by verifying the integrity of the external memory. In secure processor design, encrypting main memory is not sufficient for security because where and when memory is accessed reveals secret information. To this end, Ascend is equipped with a hardware Oblivious RAM (ORAM) controller, which obfuscates the address bus by reshuffling memory as it is accessed. To our knowledge, Ascend is the first prototyping of ORAM in custom silicon. Ascend has also been carefully engineered to ensure its timing behaviors are independent of user private data. In 32 nm silicon, all security components combined (the ORAM controller, which includes 12 AES rounds and one SHA-3 hash unit) impose a moderate area overhead of 0.51 mm$^2$2. Post tape-out, the security components of the Ascend chip have been successfully tested at 857 MHz and 1.1 V, at which point they consume 299 mW of power.

Original languageEnglish (US)
Article number7886270
Pages (from-to)204-216
Number of pages13
JournalIEEE Transactions on Dependable and Secure Computing
Volume16
Issue number2
DOIs
StatePublished - Mar 1 2019
Externally publishedYes

Keywords

  • ASIC design
  • Computation outsourcing
  • integrity verification
  • oblivious RAM
  • secure processors

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Design and Implementation of the Ascend Secure Processor'. Together they form a unique fingerprint.

Cite this