The address sequence on the processor-memory bus can reveal abundant information about the control flow of a program. This can lead to critical information leakage such as encryption keys or proprietary algorithms. Addresses can be observed by attaching a hardware device on the bus that passively monitors the bus transaction. Such side-channel attacks should be given rising attention especially in a distributed computing environment, where remote servers running sensitive programs are not within the physical control of the client.Two previously proposed hardware techniques tackled this problem through randomizing address patterns on the bus. One proposal permutes a set of contiguous memory blocks under certain conditions, while the other approach randomly swaps two blocks when necessary. In this paper, we present an anatomy of these attempts and show that they impose great pressure on both the memory and the disk. This leaves them less scalable in high-performance systems where the bandwidth of the bus and memory are critical resources. We propose a lightweight solution to alleviating the pressure without compromising the security strength. The results show that our technique can reduce the memory traffic by a factor of 10 compared with the prior scheme, while keeping almost the same page fault rate as a baseline system with no security protection.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	DS5002FP secure microprocessor chip data sheet.
	2	http://www.buyya.com/ecogrid.
	3	http://www.micron.com.
	4	http://www.modchip.com.
	5	2.5-inch enterprise disc drives. Technology Paper, Feb 2005.
	6	IA-32 Intel Architecture Software Developer's Manual, Vol. 3A, Part 1. ftp://download.intel.com/design/Pentium4/manuals/25366818.pdf, Jan 2006.
	7	T. M. Austin. The SimpleScalar Toolset. http://www.simplescalar.com, Simplescalar LLC.
	8	Boaz Barak , Oded Goldreich , Russell Impagliazzo , Steven Rudich , Amit Sahai , Salil P. Vadhan , Ke Yang, On the (Im)possibility of Obfuscating Programs, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.1-18, August 19-23, 2001
	9	C. Collberg, C. Thomborson, and D. Low. A taxonomy of obfuscating transformations. Technical Report 148, University of Auckland, 1997.
	10	Vinodh Cuppu , Bruce Jacob , Brian Davis , Trevor Mudge, High-Performance DRAMs in Workstation Environments, IEEE Transactions on Computers, v.50 n.11, p.1133-1153, November 2001  [doi>10.1109/12.966491]
	11	Vinodh Cuppu , Bruce Jacob , Brian Davis , Trevor Mudge, A performance comparison of contemporary DRAM architectures, Proceedings of the 26th annual international symposium on Computer architecture, p.222-233, May 01-04, 1999, Atlanta, Georgia, United States
	12	Blaise Gassend , G. Edward Suh , Dwaine Clarke , Marten van Dijk , Srinivas Devadas, Caches and Hash Trees for Efficient Memory Integrity Verification, Proceedings of the 9th International Symposium on High-Performance Computer Architecture, p.295, February 08-12, 2003
	13	O. Goldreich, Towards a theory of software protection and simulation by oblivious RAMs, Proceedings of the nineteenth annual ACM conference on Theory of computing, p.182-194, January 1987, New York, New York, United States  [doi>10.1145/28395.28416]
	14	Oded Goldreich , Rafail Ostrovsky, Software protection and simulation on oblivious RAMs, Journal of the ACM (JACM), v.43 n.3, p.431-473, May 1996  [doi>10.1145/233551.233553]
	15	Paul C. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, p.104-113, August 18-22, 1996
	16	M. G. Kuhn. The trustno1 cryptoprocessor concept. Technical Report CS555 Report, Purdue University, 1997.
	17	Markus G. Kuhn, Cipher Instruction Search Attack on the Bus-Encryption Security Microcontroller DS5002FP, IEEE Transactions on Computers, v.47 n.10, p.1153-1157, October 1998  [doi>10.1109/12.729797]
	18	David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
	19	C. McClure. Software reuse planning by way of domain analysis. Technical Paper, Extended Intelligence, Inc. http://www.reusability.com.
	20	Ashwini Nanda , Kwok-Ken Mak , Krishnan Sugarvanam , Ramendra K. Sahoo , Vijayaraghavan Soundarararjan , T. Basil Smith, MemorIES3: a programmable, real-time hardware emulation tool for multiprocessor server design, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.37-48, November 2000, Cambridge, Massachusetts, United States
	21	D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: the case of aes. In RSA Conference, February 2006.
	22	C. Percival. Cache missing for fun and profit. In BSDCan 2005, 2005.
	23	Xiaogang Qiu , Michel Dubois, Towards Virtually-Addressed Memory Hierarchies, Proceedings of the 7th International Symposium on High-Performance Computer Architecture, p.51, January 20-24, 2001
	24	Xiaogang Qiu , Michel Dubois, Tolerating Late Memory Traps in Dynamically Scheduled Processors, IEEE Transactions on Computers, v.53 n.6, p.732-743, June 2004  [doi>10.1109/TC.2004.18]
	25	Xiaogang Qiu , Michel Dubois, Moving Address Translation Closer to Memory in Distributed Shared-Memory Multiprocessors, IEEE Transactions on Parallel and Distributed Systems, v.16 n.7, p.612-623, July 2005  [doi>10.1109/TPDS.2005.84]
	26	Weidong Shi , Hsien-Hsin S. Lee , Mrinmoy Ghosh , Chenghuai Lu , Alexandra Boldyreva, High Efficiency Counter Mode Security Architecture via Prediction and Precomputation, Proceedings of the 32nd annual international symposium on Computer Architecture, p.14-24, June 04-08, 2005
	27	G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, AEGIS: architecture for tamper-evident and tamper-resistant processing, Proceedings of the 17th annual international conference on Supercomputing, June 23-26, 2003, San Francisco, CA, USA  [doi>10.1145/782814.782838]
	28	G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, Efficient Memory Integrity Verification and Encryption for Secure Processors, Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture, p.339, December 03-05, 2003
	29	Chenxi Wang , John Knight, A security architecture for survivability mechanisms, 2001
	30	Jun Yang , Youtao Zhang , Lan Gao, Fast Secure Processor for Inhibiting Software Piracy and Tampering, Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture, p.351, December 03-05, 2003
	31	Youtao Zhang , Lan Gao , Jun Yang , Xiangyu Zhang , Rajiv Gupta, SENSS: Security Enhancement to Symmetric Shared Memory Multiprocessors, Proceedings of the 11th International Symposium on High-Performance Computer Architecture, p.352-362, February 12-16, 2005  [doi>10.1109/HPCA.2005.31]
	32	Xiaotong Zhuang , Tao Zhang , Hsien-Hsin S. Lee , Santosh Pande, Hardware assisted control flow obfuscation for embedded processors, Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems, September 22-25, 2004, Washington DC, USA  [doi>10.1145/1023833.1023873]
	33	Xiaotong Zhuang , Tao Zhang , Santosh Pande, HIDE: an infrastructure for efficiently protecting information leakage on the address bus, Proceedings of the 11th international conference on Architectural support for programming languages and operating systems, October 07-13, 2004, Boston, MA, USA