The explosive growth of small-footprint Internet appliances and smart cards for e-commerce applications makes it increasingly profitable for hackers to develop methods of cracking security firewalls. ARM engineers design the CPUs on which many of these systems are based and we have invested considerable effort to produce a family of microprocessor cores that are specifically targeted for high-security applications.

How security and encryption mechanisms are implemented varies greatly depending on the particular device and the individual OEM. We knew it was necessary to provide a single base architecture that would allow OEMs to implement security in a highly customized manner without affecting software compatibility.

The biggest concern was finding ways to subvert hacker attacks within the limitations of the small memories, limited battery power and high-speed requirements of the applications served by our technology.

The first line of defense against hackers must be to use the most secure form of cryptography available: Asymmetric cryptography is considered the most secure and is generally the technique of choice for most e-commerce applications.

However, asymmetric cryptography hasn't been used much in smart cards because although asymmetric decryption is quite simple, encryption involves long calculations that take a lot of processing power, memory and battery power. This has made the asymmetric method impractical in smart cards equipped with the inexpensive standard microprocessors that manufacturers use to keep costs down.

However, advanced technology provides an opportunity to modify microprocessors to execute cryptography faster and more efficiently, making asymmetric cryptography practical without increasing the cost of manufacturing the card.

One of the ways we accomplished this was to support integration of cryptographic instructions alongside the core, providing very high performance with low power consumption. These instructions are configurable through a standardized coprocessor interface that enables users to add customized cryptographic processing extensions to our instruction set. This allows the designer to choose the optimum balance of performance and area for a particular application. Plus, the engine includes scalable parallel-processing elements and features to resist power and timing attacks.

Future generations of secure microprocessors will allow the number of parallel-processing elements to be varied, making the cores even more customizable.

The target for our first cryptographically enhanced processor is to provide sub-100-millisecond RSA performance at low clock frequencies (20 MHz) without the use of the well-known but somewhat questionable Chinese Remainder Theorem. Elliptic curves are another popular form of asymmetric cryptography.

To get around such sophisticated mechanisms, hackers have two options when breaking into a smart card: invasive and noninvasive. In principle, given a large enough budget, any smart card could be cracked through invasive means such as microprobing, focused-ion-beam editing and layout reconstruction.

Methods have been developed to analyze smart cards beyond such straightforward invasive and noninvasive attacks based on monitoring and analyzing a smart card's power consumption. There are two types of power attack: Simple power analysis (SPA) can be used to look at the increase in power consumption each time a particular algorithm is performed, allowing an attacker to capture secret information bit by bit. Differential power analysis (DPA) retrieves information by performing a statistical analysis of power-consumption curves for several executions of the same algorithm with different inputs. The ability to analyze DES keys using SPA and DPA has been demonstrated on a number of existing smart cards.

There are a number of design strategies that make ARM microprocessors less vulnerable to hacker attacks. For example, in standard smart cards various operations take a different number of clock cycles to complete, and hackers can read these operations by counting the cycles. ARM's engineers have implemented the instructions so that all operations appear to take the same number of clock cycles, which makes counting cycles useless to hackers.

We have also increased the parallelism in the processor core and the cryptographic accelerator, which strengthens the resistance to power attacks. Operation time is another change: Essentially, any given operation can take a different amount of time to complete each time it runs. There are many ways to get the same result, and by varying the way you implement an operation from one instance to the next, the time it takes to complete is inconsistent and so the operation will appear to be a different operation.

Code provided with the core allows manufacturers to test a device without having to use scan-chain techniques. Scan chains are a simple and efficient way to test the logic on a chip, but this technique could leave a connection that a hacker can use to analyze the logic on a chip just as well as the manufacturer can. The manufacturer can fuse the connections so that once the testing is completed the fuses can be blown to prevent anyone else using the scan chain. But this method may not be entirely secure, since it is sometimes possible to reconnect the fuses through a focused ion beam.

ARM's engineers also added hardware to the core that detects attempts to glitch the power supply or the clock. The hardware provides integrity checks for key parts of the core and can detect when some of the side effects of glitching occur. Smart-card manufacturers can configure the hardware as they see fit.

For the complete online version, go to www. eet.com/in_ focus/.