Field
The present invention relates to an apparatus and method to protect against key tampering.
Relevant Background
A cryptoprocessor may be a co-processor that performs computationally intensive encoding and decoding of information for a central processing unit (CPU) based upon an extended language or may be a cryptoengine that is a separate piece of hardware (e.g., an accelerator processor) that is run by a dedicated software driver for the encoding and decoding of information. A cryptoprocessor may be used to store keys for encryption and decryption. This information typically is write-only, meaning that no one (e.g., software applications) can read it, even the one that wrote the information.
However, an attacker may try to overwrite part of a key in order to collect information about the key. Additionally, an attacker may try to modify metadata associated with a key that defines what can be done with the key, what execution environments or processes can use the key, and which domains are allowed for use with the key.
Unfortunately, these types of attacks may be very destructive to computing devices that utilize cryptoprocessors, and may cause problems, such as: severe fines, loss of contracts, revocation of entire products lines, diminished brand value, etc.