To ensure the security of cryptographic algorithm implementations, several cryptographic key protection schemes have been proposed to prevent various memory disclosure attacks. Among them, the register-based solutions do not rely on special hardware features and offer better applicability. However, due to the size limitation of register resources, the performance of register-based solutions is much worse than conventional cryptosystem implementations without security enhancements. This paper presents RegKey, an efficient register-based implementation of ECC (elliptic curve cryptography) signature algorithms. Different from other schemes that protect the whole cryptographic operations, RegKey only uses CPU registers to execute simple but critical operations, significantly reducing the usage of register resources and performance overheads. To achieve this goal, RegKey splits the ECC signing into two parts, (1) complex elliptic curve group operations on non-sensitive data in main memory as normal implementations, and (2) simple prime field operations on sensitive data inside CPU registers. RegKey guarantees the plaintext private key and random number used for signing only appear in registers to effectively resist one-shot memory disclosure attacks such as cold-boot attacks and warm-boot attacks, which are usually launched by physically accessing the victim machine to acquire partial or even entire memory data but only once. Compared with existing cryptographic key protection schemes, the performance of RegKey is greatly improved. Regkey is applicable to different platforms because it does not rely on special CPU hardware features. Since RegKey focuses on one-shot memory disclosure instead of persistent software-based attacks, it works as a choice suitable for embedded devices or offline machines where physical attacks are the main threat.

为了确保密码算法实现的安全性，已经提出了几种密码密钥保护方案来防止各种内存泄漏攻击。其中，基于寄存器的方案不依赖特殊的硬件特性，具有更好的适用性。然而，由于寄存器资源的大小限制，基于寄存器的解决方案的性能比没有安全增强的传统密码系统实现要差得多。本文介绍了 RegKey，这是一种基于寄存器的ECC（椭圆曲线加密）签名算法的高效实现。与其他保护整个密码操作的方案不同，RegKey仅使用CPU寄存器来执行简单但关键的操作，大大减少了寄存器资源的使用和性能开销。为了实现这一目标，RegKey 将 ECC 签名分为两部分：(1) 作为正常实现对主内存中的非敏感数据进行复杂的椭圆曲线组操作，以及 (2) 对 CPU 寄存器内的敏感数据进行简单的素数字段操作。RegKey保证用于签名的明文私钥和随机数仅出现在寄存器中，有效抵御冷启动攻击和热启动攻击等一次性内存泄露攻击，这些攻击通常通过物理访问受害机器来获取部分内存来发起甚至整个内存数据，但仅一次。与现有的密钥保护方案相比，RegKey的性能得到了很大的提高。Regkey适用于不同的平台，因为它不依赖于特殊的CPU硬件功能。由于 RegKey 专注于一次性内存泄露而不是持续的基于软件的攻击，因此它是适合物理攻击是主要威胁的嵌入式设备或离线机器的选择。