Cell Broadband Engine™ processor security architecture and digital content protection

ABSTRACTCurrent content protection technologies such as those based on broadcast encryption and public-key encryption focus on the distribution and control of content. Although these technologies are effective and mathematically sound, they are susceptible to systematic attacks that utilize any underlying platform weakness, bypassing the cryptographic strengths of the actual schemes. Thus, ensuring that the computing platform supports the cryptographic content protection layers on top is a critical issue. In this light, the Cell Broadband Engine (Cell BE) processor [1] security architecture has three core features that are well-suited for this purpose. First, it provides a hardware-enforced memory isolation whereby code and data are robustly protected during code execution. Unlike competing security solutions, this design is unique in that even if the supervisory software such as the operating system or the hypervisor is compromised, the memory isolation is guaranteed. In contrast, most security architectures rely on the perpetual integrity and security of its supervisory software to protect and separate the processes. Second, the Cell BE architecture provides the ability to do a hardware supported authentication of the software stack (i.e. "secure boot") during runtime. Many security architectures do a secure boot only at boot time with the assumption that if the software's integrity is verified at time 0, it can be trusted forever afterwards. However, many security attacks such as those that are software-based, compromise the software stack during runtime. The Cell BE protects against this by offering a runtime secure boot feature so that the software stack can be constantly re-verified. Third, the architecture provides a hardware key to act as the root of an encryption chain. Data encrypted by this key directly or indirectly can only be decrypted and provided to an application that is running in the isolated memory (the first feature) and has been verified (via the second feature). This significantly limits an adversary's chances of manipulating software to expose the keys fundamental to a content protection scheme.