ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Efficient Memory Integrity Verification and Encryption for Secure Processors
Full text PdfPdf (307 KB)
Source International Symposium on Microarchitecture archive
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture table of contents
Page: 339  
Year of Publication: 2003
ISBN:0-7695-2043-X
Authors
G. Edward Suh  MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, USA
Dwaine Clarke  MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, USA
Blaise Gassend  MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, USA
Marten van Dijk  MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, USA
Srinivas Devadas  MIT Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, USA
Sponsor
SIGMICRO: ACM Special Interest Group on Microarchitectural Research and Processing
Publisher
IEEE Computer Society  Washington, DC, USA
Bibliometrics
Downloads (6 Weeks): 10,   Downloads (12 Months): 78,   Citation Count: 27
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  

ABSTRACT

Secure processors enable new sets of applications suchas commercial grid computing, software copy-protection,and secure mobile agents by providing security from bothphysical and software attacks. This paper proposes newhardware mechanisms for memory integrity verification andencryption, which are two key primitives required in single-chipsecure processors. The integrity verification mechanismoffers significant performance advantages over existingones when the checks are infrequent as in grid computingapplications. The encryption mechanism improves theperformance in all cases.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Ross J. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, John Wiley & Sons, Inc., New York, NY, 2001
 
2
Manuel Blum , Will Evans , Peter Gemmell , Sampath Kannan , Moni Naor, Checking the correctness of memories, Proceedings of the 32nd annual symposium on Foundations of computer science, p.90-99, September 1991, San Juan, Puerto Rico  [doi>10.1109/SFCS.1991.185352]
 
3
[3] D. Burger and T. M. Austin. The SimpleScalar Tool Set, Version 2.0. Technical report, University of Wisconsin-Madison Computer Science Department, 1997.
 
4
[4] A. Carroll, M. Juarez, J. Polk, and T. Leininger. Microsoft "Palladium": A Business Overview. In Microsoft Content Security Business Unit, August 2002.
5
Joris Claessens , Bart Preneel , Joos Vandewalle, (How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions, ACM Transactions on Internet Technology (TOIT), v.3 n.1, p.28-48, February 2003  [doi>10.1145/643477.643479]
 
6
[6] D. Clarke, S. Devadas, M. van Dijk, B. Gassend, and G. E. Suh. Incremental multiset hash functions and their application to memory integrity checking. In Asiacrypt 2003 Proceedings , November 2003.
 
7
D. Eastlake, 3rd , P. Jones, US Secure Hash Algorithm 1 (SHA1), RFC Editor, 2001
8
Blaise Gassend , Dwaine Clarke , Marten van Dijk , Srinivas Devadas, Silicon physical random functions, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA  [doi>10.1145/586110.586132]
 
9
Blaise Gassend , G. Edward Suh , Dwaine Clarke , Marten van Dijk , Srinivas Devadas, Caches and Hash Trees for Efficient Memory Integrity Verification, Proceedings of the 9th International Symposium on High-Performance Computer Architecture, p.295, February 08-12, 2003
 
10
John L. Henning, SPEC CPU2000: Measuring CPU Performance in the New Millennium, Computer, v.33 n.7, p.28-35, July 2000  [doi>10.1109/2.869367]
 
11
Henry Kuo , Ingrid Verbauwhede, Architectural Optimization for a 1.82Gbits/sec VLSI Implementation of the AES Rijndael Algorithm, Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems, p.51-64, May 14-16, 2001
12
David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
 
13
[13] H. Lipmaa, P. Rogaway, and D. Wagner. Comments to NIST concerning AES-modes of operations: CTR-mode encryption. In Symmetric Key Block Cipher Modes of Operation Workshop, Baltimore, Maryland, USA, 2000.
 
14
[14] R. C. Merkle. Protocols for public key cryptography. In IEEE Symposium on Security and Privacy, pages 122-134, 1980.
15
J. Naor , M. Naor, Small-bias probability spaces: efficient constructions and applications, Proceedings of the twenty-second annual ACM symposium on Theory of computing, p.213-223, May 13-17, 1990, Baltimore, Maryland, United States  [doi>10.1145/100216.100244]
 
16
[16] N. I. of Science and Technology. FIPS PUB 197: Advanced Encryption Standard (AES), November 2001.
 
17
R. Rivest, The MD5 Message-Digest Algorithm, RFC Editor, 1992
 
18
[18] R. L. Rivest. The RC5 Encryption Algorithm, from Dr. Dobb's Journal, January, 1995. In William Stallings, Practical Cryptography for Data Internetworks, IEEE Computer Society Press, 1996. 1996.
19
Patrick R. Schaumont , Henry Kuo , Ingrid M. Verbauwhede, Unlocking the design secrets of a 2.29 Gb/s Rijndael processor, Proceedings of the 39th conference on Design automation, June 10-14, 2002, New Orleans, Louisiana, USA  [doi>10.1145/513918.514079]
 
20
Sean W. Smith , Steve Weingart, Building a high-performance, programmable secure coprocessor, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.31 n.9, p.831-860, April 23, 1999
21
G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, AEGIS: architecture for tamper-evident and tamper-resistant processing, Proceedings of the 17th annual international conference on Supercomputing, June 23-26, 2003, San Francisco, CA, USA  [doi>10.1145/782814.782838]
 
22
[22] B. S. Yee. Using Secure Coprocessors. PhD thesis, Carnegie Mellon University, 1994.

CITED BY  27
Weidong Shi , Hsien-Hsin S. Lee , Chenghuai Lu , Tao Zhang, Attacks and risk analysis for hardware supported software copy protection systems, Proceedings of the 4th ACM workshop on Digital rights management, October 25-25, 2004, Washington DC, USA
Xiaotong Zhuang , Tao Zhang , Hsien-Hsin S. Lee , Santosh Pande, Hardware assisted control flow obfuscation for embedded processors, Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems, September 22-25, 2004, Washington DC, USA
Xiaotong Zhuang , Tao Zhang , Santosh Pande, HIDE: an infrastructure for efficiently protecting information leakage on the address bus, ACM SIGPLAN Notices, v.39 n.11, November 2004
Weidong Shi , Hsien-Hsin S. Lee , Chenghuai Lu , Mrinmoy Ghosh, Towards the issues in architectural support for protection of software execution, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
Jun Yang , Lan Gao , Youtao Zhang, Improving Memory Encryption Performance in Secure Processors, IEEE Transactions on Computers, v.54 n.5, p.630-640, May 2005
Youtao Zhang , Jun Yang , Yongjing Lin , Lan Gao, Architectural support for protecting user privacy on trusted processors, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
Brian Rogers , Yan Solihin , Milos Prvulovic, Memory predecryption: hiding the latency overhead of memory encryption, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
Taeho Kgil , Laura Falk , Trevor Mudge, ChipLock: support for secure microarchitectures, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
Reouven Elbaz , Lionel Torres , Gilles Sassatelli , Pierre Guillemin , Michel Bardouillet , Albert Martinez, A parallelized way to provide data encryption and integrity checking on a processor-memory bus, Proceedings of the 43rd annual conference on Design automation, July 24-28, 2006, San Francisco, CA, USA
Weidong Shi , Hsien-Hsin S. Lee , Mrinmoy Ghosh , Chenghuai Lu, Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems, Proceedings of the 13th International Conference on Parallel Architectures and Compilation Techniques, p.123-134, September 29-October 03, 2004
Nathan Tuck , Brad Calder , George Varghese, Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.209-220, December 04-08, 2004, Portland, Oregon
Chenghuai Lu , Tao Zhang , Weidong Shi , Hsien-Hsin S. Lee, M-TREE: a high efficiency security architecture for protecting integrity and privacy of software, Journal of Parallel and Distributed Computing, v.66 n.9, p.1116-1128, September 2006
Lan Gao , Jun Yang , Marek Chrobak , Youtao Zhang , San Nguyen , Hsien-Hsin S. Lee, A low-cost memory remapping scheme for address bus protection, Proceedings of the 15th international conference on Parallel architectures and compilation techniques, September 16-20, 2006, Seattle, Washington, USA
Brian Rogers , Milos Prvulovic , Yan Solihin, Efficient data protection for distributed shared memory multiprocessors, Proceedings of the 15th international conference on Parallel architectures and compilation techniques, September 16-20, 2006, Seattle, Washington, USA
Weidong Shi , Hsien-Hsin S. Lee, Accelerating memory decryption and authentication with frequent value prediction, Proceedings of the 4th international conference on Computing frontiers, May 07-09, 2007, Ischia, Italy
Chenyu Yan , Daniel Englender , Milos Prvulovic , Brian Rogers , Yan Solihin, Improving Cost, Performance, and Security of Memory Encryption and Authentication, ACM SIGARCH Computer Architecture News, v.34 n.2, p.179-190, May 2006
Weidong Shi , Hsien-Hsin S. Lee, Authentication Control Point and Its Implications For Secure Processor Design, Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture, p.103-112, December 09-13, 2006
Ruby B. Lee , Peter C. S. Kwan , John P. McGregor , Jeffrey Dwoskin , Zhenghong Wang, Architecture for Protecting Critical Secrets in Microprocessors, ACM SIGARCH Computer Architecture News, v.33 n.2, p.2-13, May 2005
Weidong Shi , Hsien-Hsin S. Lee , Mrinmoy Ghosh , Chenghuai Lu , Alexandra Boldyreva, High Efficiency Counter Mode Security Architecture via Prediction and Precomputation, ACM SIGARCH Computer Architecture News, v.33 n.2, p.14-24, May 2005
G. Edward Suh , Charles W. O'Donnell , Ishan Sachdev , Srinivas Devadas, Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions, ACM SIGARCH Computer Architecture News, v.33 n.2, p.25-36, May 2005
Tao Zhang , Xiaotong Zhuang , Santosh Pande, Building Intrusion-Tolerant Secure Software, Proceedings of the international symposium on Code generation and optimization, p.255-266, March 20-23, 2005
Youtao Zhang , Jun Yang , Lan Gao, Supporting flexible streaming media protection through privacy-aware secure processors, Computers and Electrical Engineering, v.35 n.2, p.286-299, March, 2009
Haibo Chen , Jieyun Chen , Wenbo Mao , Fei Yan, Daonity - Grid security from two levels of virtualization, Information Security Tech. Report, v.12 n.3, p.123-138, January, 2007
G. Edward Suh , Charles W. O'Donnell , Srinivas Devadas, Aegis: A Single-Chip Secure Processor, IEEE Design & Test, v.24 n.6, p.570-580, November 2007
Romain Vaslin , Guy Gogniat , Jean-Philippe Diguet , Eduardo Wanderley , Russell Tessier , Wayne Burleson, A security approach for off-chip memory in embedded microprocessor systems, Microprocessors & Microsystems, v.33 n.1, p.37-45, February, 2009
Siddhartha Chhabra , Brian Rogers , Yan Solihin , Milos Prvulovic, Making secure processors OS- and performance-friendly, ACM Transactions on Architecture and Code Optimization (TACO), v.5 n.4, p.1-35, March 2009
Shuichi Ichikawa , Takashi Sawada , Hisashi Hata, Diversification of Processors Based on Redundancy in Instruction Set, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, v.E91-A n.1, p.211-220, January 2008

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  B. Hardware
  B.7 INTEGRATED CIRCUITS
      B.7.1 Types and Design Styles
          Subjects: Algorithms implemented in hardware; Memory technologies


General Terms:
Design, Performance, Reliability, Security

Collaborative Colleagues:
G. Edward Suh: colleagues
Dwaine Clarke: colleagues
Blaise Gassend: colleagues
Marten van Dijk: colleagues
Srinivas Devadas: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player