A Practical Encrypted Microprocessor

Peter T. Breuer, Jonathan P. Bowen, Esther Palomar, Zhiming Liu


This paper explores a new approach to encrypted microprocessing, potentiating new trade-offs in security versus performance engineering. The coprocessor prototype described runs standard machine code (32-bit OpenRISC v1.1) with encrypted data in registers, on buses, and in memory. The architecture is ‘superscalar’, executing multiple instructions simultaneously, and is sophisticated enough that it achieves speeds approaching that of contemporary off-the-shelf processor cores. The aim of the design is to protect user data against the operator or owner of the processor, and so-called ‘Iago’ attacks in general, for those paradigms that require trust in data-heavy computations in remote locations and/or overseen by untrusted operators. A single idea underlies the architecture, its performance and security properties: it is that a modified arithmetic is enough to cause all program execution to be encrypted. The privileged operator, running unencrypted with the standard arithmetic, can see and try their luck at modifying encrypted data, but has no special access to the information in it, as proven here. We test the issues, reporting performance in particular for 64-bit Rijndael and 72-bit Paillier encryptions, the latter running keylessly.


  1. Anati, I., Gueron, S., Johnson, S. P., and Scarlata, V. R. (2013). Innovative technology for CPU based attestation and sealing. In Proc. 2nd Intl. Workshop on Hardware and Architectural Support for Security & Privacy (HASP 7813). ACM.
  2. Breuer, P. and Bowen, J. (2012). Typed assembler for a RISC crypto-processor. In Barthe, G., Livshits, B., and Scandariato, R., editors, Proc. 4th Intl. Symp. on Engineering Secure Software & Systems (ESSoS 7812), number 7159 in LNCS, pages 22-29, Berlin/Heidelberg. Springer.
  3. Breuer, P. and Bowen, J. (2013). A fully homomorphic crypto-processor design: Correctness of a secret computer. In Jürjens, J., Livshits, B., and Scandariato, R., editors, Proc. 5th Intl. Symp. on Engineering Secure Software & Systems (ESSoS 7813), number 7781 in LNCS, pages 123-138, Berlin/Heidelberg. Springer.
  4. Breuer, P. and Bowen, J. (2014). Towards a working fully homomorphic crypto-processor: Practice and the secret computer. In J örjens, J., Pressens, F., and Bielova, N., editors, Proc. Intl. Symp. on Engineering Secure Software & Systems (ESSoS 7814), volume 8364 of LNCS, pages 131-140, Berlin/Heidelberg. Springer.
  5. Buer, M. (2006). CMOS-based stateless hardware security module. US Pat. App. 11/159,669.
  6. Daemen, J. and Rijmen, V. (2002). The Design of Rijndael: AES - The Advanced Encryption Standard . Springer, Berlin/Heidelberg.
  7. Gentry, C. (2009). Fully homomorphic encryption using ideal lattices. In Proc. 41st Ann. ACM Symp. on Theory of Computing (STOC 7809), pages 169-178, New York, NY.
  8. Halderman, J., Schoen, S., Heninger, N., Clarkson, W., Paul, W., Calandrino, J., Feldman, A., Appelbaum, J., and Felten, E. (2009). Lest we remember: cold-boot attacks on encryption keys. Commun. ACM, 52(5):91- 98.
  9. Hampson, B. (1989). Digital computer system for executing encrypted programs. US Pat. 4,847,902.
  10. Hashimoto, M., Teramoto, K., Saito, T., Shirakawa, K., and Fujimoto, K. (2001). Tamper resistant microprocessor. US Pat. 2001/0018736.
  11. Kissell, K. (2006). Method and apparatus for disassociating power consumed within a processing system with instructions it is executing. US Pat. App. 11/257,381.
  12. Kömmerling, O. and Kuhn, M. (1999). Design principles for tamper-resistant smartcard processors. In Proc. USENIX Workshop on Smartcard Technology (Smartcard 7899), pages 9-20.
  13. Liu, C., Harris, A., Maas, M., Hicks, M., Tiwari, M., and Shi, E. (2015). Ghostrider: A hardware-software system for memory trace oblivious computation. In Proc. Intl. Conf. on Architectural Support for Programming Languages and Operating Systems (ASPLOS'15).
  14. Maas, M., Love, E., Stefanov, E., Tiwari, M., Shi, E., Asanovic, K., Kubiatowicz, J., and Song, D. (2013). Phantom: Practical oblivious computation in a secure processor. In Proc. ACM Conf. on Computer & Communications Security (SIGSAC'13), pages 311-324.
  15. Ostrovsky, R. (1990). Efficient computation on oblivious RAMs. In Proc. 22nd Ann. ACM Symp. on Theory of Computing, pages 514-523.
  16. Paillier, P. (1999). Public-key cryptosystems based on composite degree residuosity classes. In Advances in cryptology - EUROCRYPT'99 , pages 223-238. Springer.
  17. Patterson, D. (1985). Reduced instruction set computers. Commun. ACM, 28(1):8-21.
  18. Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., and Russinovich, M. (2015). VC3: Trustworthy data analytics in the cloud using SGX. In IEEE Symp. on Security & Privacy, pages 38-54.
  19. Tsoutsos, N. and Maniatakos, M. (2013). Investigating the application of one instruction set computing for encrypted data computation. In Gierlichs, B., Guilley, S., and Mukhopadhyay, D., editors, Proc. Security, Privacy and Applied Cryptography Engineering (SPACE 7813), pages 21-37. Springer, Berlin/Heidelberg.
  20. Tsoutsos, N. and Maniatakos, M. (2015). The HEROIC framework: Encrypted computation without shared keys. IEEE Trans. on CAD of Integrated Circuits and Systems, 34(6):875-888.

Paper Citation

in Harvard Style

Breuer P., Bowen J., Palomar E. and Liu Z. (2016). A Practical Encrypted Microprocessor . In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 239-250. DOI: 10.5220/0005955902390250

in Bibtex Style

author={Peter T. Breuer and Jonathan P. Bowen and Esther Palomar and Zhiming Liu},
title={A Practical Encrypted Microprocessor},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},

in EndNote Style

JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - A Practical Encrypted Microprocessor
SN - 978-989-758-196-0
AU - Breuer P.
AU - Bowen J.
AU - Palomar E.
AU - Liu Z.
PY - 2016
SP - 239
EP - 250
DO - 10.5220/0005955902390250