In a computer system, private data are protected with cryptography. In a public-key cryptographic algorithm, keys are generated in pairs. Each pair of keys consists of a private key and a public key. The private key is kept only by its owner. The premise for protecting private data with a public-key cryptographic algorithm is therefore ensuring the confidentiality of the private key.
Normally, in the computer system, the private key is stored and operated on in memory. However, system intrusions and physical attacks severely threaten the security of the computer system. A system intrusion exploits a software bug of the system and directly obtains the private key via memory access instructions. A physical attack, such as a cold boot attack, may obtain an image of the whole Random-Access Memory (RAM) chip when the attacker has physical access to the target computer.

In order to prevent the cold boot attack, a general practice is storing the key in resources of the CPU rather than in the RAM. These schemes may be classified into two categories. One kind of scheme utilizes registers. Since the capacity of the registers is limited, this kind of scheme can only support a symmetric cryptographic algorithm or a simple asymmetric cryptographic algorithm in which the length of the key is limited. The other kind of scheme is applicable to a multi-core processor and stores the key and the intermediate variables in an on-chip cache of the CPU. This kind of scheme utilizes the write-back mode of the cache to clear the newly written contents before they are synchronized to the RAM chip, so that only the computation results are retained. Meanwhile, in order to eliminate the influence of cache sharing, all cores that share the cache with the cryptographic computation core need to be configured in a no-fill mode while the cryptographic computation is performed. In the no-fill mode, a memory access operation that is a read miss or a write miss does not incur a replacement in the cache. It can be seen that, where an L3 cache is shared by all cores of the multi-core processor, this kind of scheme supports only one core performing the cryptographic operation at a time. Further, while that one core performs the cryptographic operation, the other cores are configured in the no-fill mode, so that the processor is used inefficiently.
Besides, under this kind of configuration, if the Operating System (OS) has a bug, a malicious process may still directly read the keys stored in the memory via that bug, rendering the protection mechanism invalid.
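The following toy model, added here as an illustration and not code from the original document or any real implementation, shows why the cache-based scheme above must place the other cores in no-fill mode: a single shared write-back cache set is simulated with LRU replacement, and the addresses, the sample key and the "workload" on the second core are constructed values.

```python
class SharedCache:
    """Toy model: one fully-associative write-back cache set with LRU replacement, shared by all cores."""
    def __init__(self, ways=2):
        self.ways = ways
        self.lines = {}      # addr -> data held on-chip (dirty until written back)
        self.lru = []        # eviction order, oldest first
        self.ram = {}        # what a cold-boot RAM image would capture
        self.nofill = set()  # cores configured in no-fill mode

    def access(self, core, addr, data=None):
        if addr in self.lines:                      # hit: no replacement in either mode
            self.lru.remove(addr); self.lru.append(addr)
            if data is not None:
                self.lines[addr] = data
            return self.lines[addr]
        if core in self.nofill:                     # miss in no-fill mode: bypass, never evict
            if data is not None:
                self.ram[addr] = data
            return self.ram.get(addr)
        if len(self.lines) >= self.ways:            # normal miss: evict LRU line and write it back
            victim = self.lru.pop(0)
            self.ram[victim] = self.lines.pop(victim)
        self.lines[addr] = self.ram.get(addr) if data is None else data
        self.lru.append(addr)
        return self.lines[addr]

    def clear_and_drop(self, addr):
        """Zero a line on-chip and discard it without write-back (the scheme's cleanup step)."""
        if addr in self.lines:
            self.lines[addr] = 0            # overwrite the key while it is still on-chip
            del self.lines[addr]            # invalidate: nothing is synchronized to RAM
            self.lru.remove(addr)

    def write_back(self, addr):
        """Synchronize one line (the computation result) to RAM."""
        self.ram[addr] = self.lines[addr]

KEY, RESULT = 0x1000, 0x2000   # constructed addresses used by the cryptographic core (core 0)

def run(other_cores_no_fill):
    """Core 0 computes with an in-cache key while core 1 runs an unrelated workload.
    Returns True if the key ends up in the RAM image, i.e. the protection failed."""
    c = SharedCache(ways=2)
    if other_cores_no_fill:
        c.nofill.add(1)
    key = 0xDEADBEEF                                 # constructed sample key
    c.access(0, KEY, key)                            # the key lives only in a cache line
    for a in (0x3000, 0x3040, 0x3080):               # core 1 misses repeatedly
        c.access(1, a, a ^ 0xFF)                     # without no-fill, these fills evict the key line
    c.access(0, RESULT, c.access(0, KEY) ^ 0x1234)   # toy "encryption" using the key
    c.clear_and_drop(KEY)                            # wipe the key before anything is synchronized
    c.write_back(RESULT)                             # only the computation result reaches RAM
    return key in c.ram.values()
```

With `other_cores_no_fill=False` the sibling core's misses evict the dirty key line, so the write-back copies the key into RAM before the cryptographic core can clear it; with no-fill enabled the key never leaves the cache.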