Effective implementation of the cell broadband engine™ isolation loader

Abstract

This paper presents the design and implementation of the Cell Broadband Engine™ (Cell/B.E.) isolation loader which is a part of the IBM Software Development Kit for Multicore Acceleration [14]. Our isolation loader is a key component in realizing secure application boot and encrypted application execution. During the application load process, the isolation loader fetches, validates, and decrypts a Synergistic Processor Element (SPE) executable, establishing a chain of trust from the hardware to the application. Since not all applications are SPE executables, we also introduce a general solution. This is a verification service framework in which all applications including system functions can be verified by the isolation loader immediately before execution. We have applied several novel implementation techniques to the isolation loader. The countermeasure implemented in our isolation loader against the substituted-ciphertext attack is given and our staging technique to allocate contiguous working areas for applications is also introduced. The load overhead of this loader including application fetch, validation (RSA-2048/SHA-1), and decryption (RSA-2048 and AES) is less than 50 milliseconds on the 2.8 GHz IBM PowerXCell 8i processor. This overhead is reasonable compared with the 500-millisecond 2048-bit RSA signing needed by the Trusted Platform Module chips [3]. Copyright 2009 ACM.