Processor vendors are still debating whether encryption should be done in software or separate hardware engines. As with most tech puzzles, it depends on the application and the level of security desired.
MIPS Technologies Inc. thinks it can do the job for lightweight applications like smart cards by extending its instruction-set architecture to support cryptography, as it has done in the SmartMIPS 32-bit core. In applications with higher data transmission rates, hardware may be the answer. For example, NEC's latest 64-bit gateway processor, the MIPS-based VR4133, can handle Internet Key Exchange algorithms, used for secure transactions, entirely in software. But heavier algorithms for encryption and authentication had to be supported by adding hardware acceleration engines to stay within half the 100-Mbit/second line rate, said Arnold Estep, senior marketing manager at NEC Electronics America Inc.
ARC International is tinkering wit h the instruction set and adding hardware encryption. The hardware can do the heavy lifting when needed, but a number of instruction-set primitives exist to speed the algorithms when executed in software, said David Fritz, vice president of technical marketing.
David Fotland, chief technology officer at Ubicom, said he would favor using primitives over adding a separate encryption engine for an RSA algorithm. Today, however, the company's wireless network processor can support the Data Encryption Standard and Advanced Encryption Standard through table lookups, an efficient way to go since the processor comes equipped with direct memory access capability.
It's also important to sequester sensitive data from the rest of the chip. STMicroelectronics' Nomadik processor for portable applications was made to deny access to rogue programs posing as legitimate applications. Applications, for example, must be verified as safe before they can access certain portions of the memory, said Richard Chesson, ST's director of marketing for multimedia platforms. Similarly, ARM has new operating modes for its forthcoming ARM11 processor that act as parallel domains, but with a different privilege level.
To discourage snooping, MIPS has added the ability to "swizzle" information traveling between the cache and the core, making it impossible to decipher data by probing the cache line. There's also a way to randomly inject stalls into the core, scrambling the power signatures, said MIPS CTO Mike Uhler. This requires the use of a random-number generator, a feature that is becoming more common in embedded processors. Ubicom's Fotland said true random numbers are generated in hardware, though software implementations are "good enough" for many apps.
Some Motorola processors for cell phones have anti-tampering features. If a hacker tries to access information using a JTAG debugger, the chip detects the intrusion and disables the phone. Only authorized dealers have the key to reconfigure it, said Findlay S hearer, platform marketing manager for Motorola's Semiconductor Products Sector.