1. Field
This invention relates to microprocessor. In particular, the invention relates to microprocessor cryptography.
2. General Background
Advances in microprocessor and communication technologies have opened up many opportunities for applications that go beyond the traditional ways of doing business. Electronic commerce (E-commerce) and business-to-business (B2B) transactions are now becoming popular, reaching the global markets at a fast rate. Unfortunately, while modern microprocessor systems provide users convenient and efficient methods of doing business, communicating and transacting, they are also vulnerable to unscrupulous attacks. Examples of these attacks include virus, intrusion, security breach, and tampering. Computer security, therefore, is becoming more and more important to protect the integrity of the computer systems and increase the trust of users.
Threats caused by unscrupulous attacks may be in a number of forms such as passive wiretapping (eavesdropping), e.g., interception of messages, usually without detection, and active wiretapping (tampering), e.g., deliberate modification made to the message stream, which threatens authenticity. An invasive remote-launched attack by attackers may disrupt the normal operation of a system connected to thousands or even millions of users. A virus program may corrupt code and/or data of a single-user platform.
Various efforts in the computer industry have been directed at improving security in computer processing environments. These efforts have been focused on various issues concerning data security including privacy, authentication, integrity, and non-repudiation, etc. Security solutions have been developed by various entities and companies in dealing with these basic security issues. In cases where software or other digital content is licensed to be used only on a specific system (e.g., platform) it is common to have the platform sign a unique message supplied by the content provider to “prove” that the platform identity matches the platform identity authorized to use the digital content. In cases where a platform originates a message or data it is common to have the platform sign the message or data to prove that the message or data originated from that platform.
The digital signature in these cases is produced using a private key. Ideally, the private key is kept secretly inside a platform (i.e., first platform) so that unauthorized users (e.g., intruders, attackers, forgers) cannot find out what it is. Unfortunately, signatures can be forged because if the authorized users can write code to use the private key, then the unauthorized users can also write code to read the private key and install it on another platform, allowing that other platform to impersonate the identity of the first platform.
Therefore, there is a need to have a technique to sign data with a high degree of resistance to attack that provides protection against a second platform impersonating a first platform even if the attacker has access to the first platform.