Friday, February 16, 2018

Details of the pipeline structure

The whole principle of controlling the pipeline is that all protocols are small compiled object, known and their memory access never leaves the span of the code, all data is immediate.  The exceptions are the kernel calls to kernel stubs also known code and also coexisting in the pipeline.

Keys, all of them, public and private ae in a section of the pipeline and when the kernel needs to context switch, the secret keys are encrypted, and the pipeline control exits the pipeline, leaving it to standardcontext switch.

The entire resource cost depends entirely on the nature of outside calls to the notaries and the pits. But no protocol will stall any other independent protocol, all of them contiguous and coexisting the pipeline.

So the exchange with the notaries is strictly an external delay imposed, by choice, within the protocol.

The processor's secret key

One can see security depends on the kernel having access to the secret key only when under pipeline control. otherwise the key is buried in an inaccessible hardware register.  The processor has to enforce his with microcode, and we don't have that,yet.  

But we can simulate it.  The point being the secret key is used only in the pipeline with public code that is checkable by the notaries.

No comments: