AEGIS

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

AEGIS: architecture for tamper-evident and tamper-resistant processing

Full text

Pdf (287 KB)

Source

International Conference on Supercomputing archive
Proceedings of the 17th annual international conference on Supercomputing table of contents

San Francisco, CA, USA

SESSION: Processor microarchitecture II table of contents

Pages: 160 - 171

Year of Publication: 2003

ISBN:1-58113-733-8

Authors

G. Edward Suh	Massachusetts Institute of Technology, Cambridge, MA
Dwaine Clarke	Massachusetts Institute of Technology, Cambridge, MA
Blaise Gassend	Massachusetts Institute of Technology, Cambridge, MA
Marten van Dijk	Massachusetts Institute of Technology, Cambridge, MA
Srinivas Devadas	Massachusetts Institute of Technology, Cambridge, MA

Sponsors

ACM: Association for Computing Machinery
SIGARCH: ACM Special Interest Group on Computer Architecture

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 11, Downloads (12 Months): 106, Citation Count: 50

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/782814.782838 What is a DOI?

ABSTRACT

We describe the architecture for a single-chip aegis processor which can be used to build computing systems secure against both physical and software attacks. Our architecture assumes that all components external to the processor, such as memory, are untrusted. We show two different implementations. In the first case, the core functionality of the operating system is trusted and implemented in a security kernel. We also describe a variant implementation assuming an untrusted operating system.aegis provides users with tamper-evident, authenticated environments in which any physical or software tampering by an adversary is guaranteed to be detected, and private and authenticated tamper-resistant environments where additionally the adversary is unable to obtain any information about software or data by tampering with, or otherwise observing, system operation. aegis enables many applications, such as commercial grid computing, secure mobile agents, software licensing, and digital rights management.Preliminary simulation results indicate that the overhead of security mechanisms in aegis is reasonable.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Johan Agat, Transforming out timing leaks, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.40-53, January 19-21, 2000, Boston, MA, USA [doi>10.1145/325694.325702]
	2	W. A. Arbaugh , D. J. Farber , J. M. Smith, A secure and reliable bootstrap architecture, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.65, May 04-07, 1997
	3	D. Burger and T. M. Austin. The SimpleScalar Tool Set, Version 2.0. Technical report, University of Wisconsin-Madison Computer Science Department, 1997.
	4	A. Carroll, M. Juarez, J. Polk, and T. Leininger. Microsoft "Palladium": A Business Overview. In Microsoft Content Security Business Unit, August 2002.
	5	Joris Claessens , Bart Preneel , Joos Vandewalle, (How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions, ACM Transactions on Internet Technology (TOIT), v.3 n.1, p.28-48, February 2003 [doi>10.1145/643477.643479]
	6	W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, IT-22(6):644--654, 1976.
	7	Blaise Gassend , Dwaine Clarke , Marten van Dijk , Srinivas Devadas, Silicon physical random functions, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA [doi>10.1145/586110.586132]
	8	Blaise Gassend , G. Edward Suh , Dwaine Clarke , Marten van Dijk , Srinivas Devadas, Caches and Hash Trees for Efficient Memory Integrity Verification, Proceedings of the 9th International Symposium on High-Performance Computer Architecture, p.295, February 08-12, 2003
	9	Oded Goldreich , Rafail Ostrovsky, Software protection and simulation on oblivious RAMs, Journal of the ACM (JACM), v.43 n.3, p.431-473, May 1996 [doi>10.1145/233551.233553]
	10	John L. Henning, SPEC CPU2000: Measuring CPU Performance in the New Millennium, Computer, v.33 n.7, p.28-35, July 2000 [doi>10.1109/2.869367]
	11	Henry Kuo , Ingrid Verbauwhede, Architectural Optimization for a 1.82Gbits/sec VLSI Implementation of the AES Rijndael Algorithm, Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems, p.51-64, May 14-16, 2001
	12	David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
	13	R. C. Merkle. Protocols for public key cryptography. In IEEE Symposium on Security and Privacy, pages 122--134, 1980.
	14	Andrew C. Myers, JFlow: practical mostly-static information flow control, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.228-241, January 20-22, 1999, San Antonio, Texas, United States [doi>10.1145/292540.292561]
	15	National Institute of~Science and Technology. FIPS PUB 197: Advanced Encryption Standard (AES), November 2001.
	16	SSL and TLS: designing and building secure systems, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2001
	17	R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978 [doi>10.1145/359340.359342]
	18	Luis F. G. Sarmenta , Stephen A. Ward, Volunteer computing, 2001
	19	Patrick R. Schaumont , Henry Kuo , Ingrid M. Verbauwhede, Unlocking the design secrets of a 2.29 Gb/s Rijndael processor, Proceedings of the 39th conference on Design automation, June 10-14, 2002, New Orleans, Louisiana, USA [doi>10.1145/513918.514079]
	20	William Shapiro , Radek Vingralek, How to Manage Persistent State in DRM Systems, Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management, p.176-191, November 05, 2001
	21	Sean W. Smith , Steve Weingart, Building a high-performance, programmable secure coprocessor, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.31 n.9, p.831-860, April 23, 1999
	22	G. E. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas. Hardware mechanisms for memory integrity checking. In Technical Report MIT-LCS-TR-872, November 2002.
	23	B. S. Yee. Using Secure Coprocessors. PhD thesis, Carnegie Mellon University, 1994.

CITED BY 50

	Weidong Shi , Hsien-Hsin S. Lee , Chenghuai Lu , Tao Zhang, Attacks and risk analysis for hardware supported software copy protection systems, Proceedings of the 4th ACM workshop on Digital rights management, October 25-25, 2004, Washington DC, USA
	John P. McGregor , Ruby B. Lee, Protecting cryptographic keys and computations via virtual secure coprocessing, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
	Srivaths Ravi , Anand Raghunathan , Paul Kocher , Sunil Hattangady, Security in embedded systems: Design challenges, ACM Transactions on Embedded Computing Systems (TECS), v.3 n.3, p.461-491, August 2004
	Xiaotong Zhuang , Tao Zhang , Santosh Pande, HIDE: an infrastructure for efficiently protecting information leakage on the address bus, ACM SIGPLAN Notices, v.39 n.11, November 2004
	Yuanyuan Zhou , Pin Zhou , Feng Qin , Wei Liu , Josep Torrellas, Efficient and flexible architectural support for dynamic monitoring, ACM Transactions on Architecture and Code Optimization (TACO), v.2 n.1, p.3-33, March 2005
	Weidong Shi , Hsien-Hsin S. Lee , Chenghuai Lu , Mrinmoy Ghosh, Towards the issues in architectural support for protection of software execution, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
	Youtao Zhang , Jun Yang , Yongjing Lin , Lan Gao, Architectural support for protecting user privacy on trusted processors, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
	Srivaths Ravi , Paul Kocher , Ruby Lee , Gary McGraw , Anand Raghunathan, Security as a new dimension in embedded system design, Proceedings of the 41st annual conference on Design automation, June 07-11, 2004, San Diego, CA, USA
	Paul C. van Oorschot , Anil Somayaji , Glenn Wurster, Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance, IEEE Transactions on Dependable and Secure Computing, v.2 n.2, p.82-92, April 2005
	Jürg Platte , Edwin Naroska, A combined hardware and software architecture for secure computing, Proceedings of the 2nd conference on Computing frontiers, May 04-06, 2005, Ischia, Italy
	Joel Coburn , Srivaths Ravi , Anand Raghunathan , Srimat Chakradhar, SECA: security-enhanced communication architecture, Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems, September 24-27, 2005, San Francisco, California, USA
	Reouven Elbaz , Lionel Torres , Gilles Sassatelli , Pierre Guillemin , Michel Bardouillet , Albert Martinez, A parallelized way to provide data encryption and integrity checking on a processor-memory bus, Proceedings of the 43rd annual conference on Design automation, July 24-28, 2006, San Francisco, CA, USA
	Weidong Shi , Hsien-Hsin S. Lee , Mrinmoy Ghosh , Chenghuai Lu, Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems, Proceedings of the 13th International Conference on Parallel Architectures and Compilation Techniques, p.123-134, September 29-October 03, 2004
	Neil Vachharajani , Matthew J. Bridges , Jonathan Chang , Ram Rangan , Guilherme Ottoni , Jason A. Blome , George A. Reis , Manish Vachharajani , David I. August, RIFLE: An Architectural Framework for User-Centric Information-Flow Security, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.243-254, December 04-08, 2004, Portland, Oregon
	Jedidiah R. Crandall , Frederic T. Chong, Minos: Control Data Attack Prevention Orthogonal to Memory Model, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.221-232, December 04-08, 2004, Portland, Oregon
	Jedidiah R. Crandall , S. Felix Wu , Frederic T. Chong, Minos: Architectural support for protecting control data, ACM Transactions on Architecture and Code Optimization (TACO), v.3 n.4, p.359-389, December 2006
	Luis F. G. Sarmenta , Marten van Dijk , Charles W. O'Donnell , Jonathan Rhodes , Srinivas Devadas, Virtual monotonic counters and count-limited objects using a TPM without a trusted OS, Proceedings of the first ACM workshop on Scalable trusted computing, November 03-03, 2006, Alexandria, Virginia, USA
	James Hendricks , Leendert van Doorn, Secure bootstrap is not enough: shoring up the trusted computing base, Proceedings of the 11th workshop on ACM SIGOPS European workshop: beyond the PC, September 19-22, 2004, Leuven, Belgium
	Chenghuai Lu , Tao Zhang , Weidong Shi , Hsien-Hsin S. Lee, M-TREE: a high efficiency security architecture for protecting integrity and privacy of software, Journal of Parallel and Distributed Computing, v.66 n.9, p.1116-1128, September 2006
	Yunsi Fei , Z. Jerry Shi, Microarchitectural support for program code integrity monitoring in application-specific instruction set processors, Proceedings of the conference on Design, automation and test in Europe, April 16-20, 2007, Nice, France
	Blaise Gassend , Marten Van Dijk , Dwaine Clarke , Emina Torlak , Srinivas Devadas , Pim Tuyls, Controlled physical random functions and applications, ACM Transactions on Information and System Security (TISSEC), v.10 n.4, p.1-22, January 2008
	Lan Gao , Jun Yang , Marek Chrobak , Youtao Zhang , San Nguyen , Hsien-Hsin S. Lee, A low-cost memory remapping scheme for address bus protection, Proceedings of the 15th international conference on Parallel architectures and compilation techniques, September 16-20, 2006, Seattle, Washington, USA
	Weidong Shi , Hsien-Hsin S. Lee, Accelerating memory decryption and authentication with frequent value prediction, Proceedings of the 4th international conference on Computing frontiers, May 07-09, 2007, Ischia, Italy
	Divya Arora , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Architectural support for run-time validation of program data properties, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.15 n.5, p.546-559, May 2007
	Pin Zhou , Feng Qin , Wei Liu , Yuanyuan Zhou , Josep Torrellas, iWatcher: Efficient Architectural Support for Software Debugging, ACM SIGARCH Computer Architecture News, v.32 n.2, p.224, March 2004
	Matthias Jacob , Mariusz H. Jakubowski , Ramarathnam Venkatesan, Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings, Proceedings of the 9th workshop on Multimedia & security, September 20-21, 2007, Dallas, Texas, USA
	Weidong Shi , Hsien-Hsin S. Lee, Authentication Control Point and Its Implications For Secure Processor Design, Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture, p.103-112, December 09-13, 2006
	Ruby B. Lee , Peter C. S. Kwan , John P. McGregor , Jeffrey Dwoskin , Zhenghong Wang, Architecture for Protecting Critical Secrets in Microprocessors, ACM SIGARCH Computer Architecture News, v.33 n.2, p.2-13, May 2005
	Weidong Shi , Hsien-Hsin S. Lee , Mrinmoy Ghosh , Chenghuai Lu , Alexandra Boldyreva, High Efficiency Counter Mode Security Architecture via Prediction and Precomputation, ACM SIGARCH Computer Architecture News, v.33 n.2, p.14-24, May 2005
	G. Edward Suh , Charles W. O'Donnell , Ishan Sachdev , Srinivas Devadas, Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions, ACM SIGARCH Computer Architecture News, v.33 n.2, p.25-36, May 2005
	R. Elbaz , L. Torres , G. Sassatelli , P. Guillemin , C. Anguille , M. Bardouillet , C. Buatois , J. B. Rigaud, Hardware Engines for Bus Encryption: A Survey of Existing Techniques, Proceedings of the conference on Design, Automation and Test in Europe, p.40-45, March 07-11, 2005
	Divya Arora , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring, Proceedings of the conference on Design, Automation and Test in Europe, p.178-183, March 07-11, 2005
	G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, Efficient Memory Integrity Verification and Encryption for Secure Processors, Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture, p.339, December 03-05, 2003
	Olga Gelbart , Eugen Leontie , Bhagirath Narahari , Rahul Simha, A compiler-hardware approach to software protection for embedded systems, Computers and Electrical Engineering, v.35 n.2, p.315-328, March, 2009
	Youtao Zhang , Jun Yang , Lan Gao, Supporting flexible streaming media protection through privacy-aware secure processors, Computers and Electrical Engineering, v.35 n.2, p.286-299, March, 2009
	Marten van Dijk , Jonathan Rhodes , Luis F. G. Sarmenta , Srinivas Devadas, Offline untrusted storage with immediate detection of forking and replay attacks, Proceedings of the 2007 ACM workshop on Scalable trusted computing, November 02-02, 2007, Alexandria, Virginia, USA
	Haibo Chen , Jieyun Chen , Wenbo Mao , Fei Yan, Daonity - Grid security from two levels of virtualization, Information Security Tech. Report, v.12 n.3, p.123-138, January, 2007
	Jeffrey S. Dwoskin , Ruby B. Lee, Hardware-rooted trust for secure key management and transient trust, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
	Jonathan M. McCune , Bryan Parno , Adrian Perrig , Michael K. Reiter , Arvind Seshadri, How low can you go?: recommendations for hardware-supported minimal TCB code execution, ACM SIGARCH Computer Architecture News, v.36 n.1, March 2008
	Jisoo Yang , Kang G. Shin, Using hypervisor to provide data secrecy for user applications on a per-page basis, Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 05-07, 2008, Seattle, WA, USA
	Joe Devietti , Colin Blundell , Milo M. K. Martin , Steve Zdancewic, Hardbound: architectural support for spatial safety of the C programming language, ACM SIGARCH Computer Architecture News, v.36 n.1, March 2008
	Xi Chen , Robert P. Dick , Alok Choudhary, Operating system controlled processor-memory bus encryption, Proceedings of the conference on Design, automation and test in Europe, March 10-14, 2008, Munich, Germany
	Romain Vaslin , Guy Gogniat , Jean-Philippe Diguet , Eduardo Wanderley , Russell Tessier , Wayne Burleson, A security approach for off-chip memory in embedded microprocessor systems, Microprocessors & Microsystems, v.33 n.1, p.37-45, February, 2009
	Divya Arora , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Hardware-assisted run-time monitoring for secure program execution on embedded processors, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.14 n.12, p.1295-1308, December 2006
	Vikas R. Vasisht , Hsien-Hsin S. Lee, SHARK: Architectural support for autonomic protection against stealth by rootkit exploits, Proceedings of the 2008 41st IEEE/ACM International Symposium on Microarchitecture, p.106-116, November 08-12, 2008
	Siddhartha Chhabra , Brian Rogers , Yan Solihin , Milos Prvulovic, Making secure processors OS- and performance-friendly, ACM Transactions on Architecture and Code Optimization (TACO), v.5 n.4, p.1-35, March 2009
	Shuichi Ichikawa , Takashi Sawada , Hisashi Hata, Diversification of Processors Based on Redundancy in Instruction Set, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, v.E91-A n.1, p.211-220, January 2008
	Mahadevan Gomathisankaran , Akhilesh Tyagi, Relating Boolean gate truth tables to one-way functions, Integrated Computer-Aided Engineering, v.16 n.2, p.141-150, April 2009
	Eimear Gallery , Chris J. Mitchell, Trusted Computing: Security and Applications, Cryptologia, v.33 n.3, p.217-245, July 2009
	Marko Wolf , Andre Osterhues , Christian Stueble, Secure offline superdistribution for mobile platforms, International Journal of Applied Cryptography, v.1 n.4, p.251-263, August 2009