Improving virus protection with an efficient secure architecture with memory encryption, integrity and information leakage protection

Malicious software and other attacks are a major concern in the computing ecosystem, and there is a need to go beyond defences that themselves rely on untrusted software. Trusted and secure computing can add a hardware dimension to software protection. Several secure hardware architectures using memory encryption and memory integrity checkers have been proposed in the past few years to give applications a tamper-resistant environment. Some solutions, such as HIDE, have also been proposed to solve the problem of information leakage on the address bus. We propose the CRYPTOPAGE architecture, which implements memory encryption, memory integrity checking and information leakage protection together, with a low performance penalty (3% slowdown on average), by combining the counter mode of operation, local authentication values and Merkle trees. It also has several other security features, such as attestation, secure storage for applications and program identification. We present some applications of the CRYPTOPAGE architecture in the field of computer virology as a proof of concept that security in the presence of viruses can be improved compared to software-only solutions.
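As an added illustration that is not code from the paper, the Python sketch below shows how the three mechanisms named in the abstract fit together: counter-mode encryption whose keystream is bound to the block address and a per-block counter, a local authentication value per block, and a Merkle tree over those values whose root is the only integrity state kept on chip. HMAC-SHA256 stands in for the block cipher, the block size, key and block count are constructed, and the final function replays a constructed stale block to show why the tree is needed in addition to local tags.

```python
import hashlib
import hmac
BLOCK = 16  # bytes per memory block (constructed size for this example)
def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class SecureMemory:
    """ct/ctr/tag sit in untrusted memory; only key and root stay on chip.
    HMAC-SHA256 stands in for the block cipher; n_blocks must be a power of two."""
    def __init__(self, key: bytes, n_blocks: int):
        self.key = key
        self.ct = [bytes(BLOCK)] * n_blocks                 # ciphertext blocks
        self.ctr = [0] * n_blocks                           # per-block counters
        self.tag = [self._tag(i) for i in range(n_blocks)]  # local authentication values
        self.root = self._root()                            # trusted Merkle root
    def _prf(self, label: bytes, i: int, tail: bytes = b"") -> bytes:
        msg = label + i.to_bytes(4, "big") + self.ctr[i].to_bytes(8, "big") + tail
        return hmac.new(self.key, msg, hashlib.sha256).digest()
    def _tag(self, i: int) -> bytes:  # local authentication value over address, counter, ciphertext
        return self._prf(b"tag", i, self.ct[i])
    def _root(self) -> bytes:
        level = [hashlib.sha256(t).digest() for t in self.tag]
        while len(level) > 1:  # hash sibling pairs up to the root
            level = [hashlib.sha256(level[j] + level[j + 1]).digest() for j in range(0, len(level), 2)]
        return level[0]
    def write(self, i: int, data: bytes) -> None:
        self.ctr[i] += 1  # fresh counter: a rewritten block never reuses keystream
        self.ct[i] = xor(data, self._prf(b"ks", i)[:BLOCK])  # counter-mode keystream
        self.tag[i] = self._tag(i)
        self.root = self._root()
    def read(self, i: int) -> bytes:
        # The local tag rejects forged data; the root rejects a replayed old (ct, ctr, tag) triple
        if not hmac.compare_digest(self.tag[i], self._tag(i)):
            raise ValueError("block tag mismatch")
        if not hmac.compare_digest(self.root, self._root()):
            raise ValueError("Merkle root mismatch (stale block replayed)")
        return xor(self.ct[i], self._prf(b"ks", i)[:BLOCK])

def replay_detected() -> bool:
    mem = SecureMemory(b"\x01" * 32, 4)
    mem.write(2, b"A" * BLOCK)
    old = (mem.ct[2], mem.ctr[2], mem.tag[2])  # attacker snapshots the block's triple
    mem.write(2, b"B" * BLOCK)
    mem.ct[2], mem.ctr[2], mem.tag[2] = old    # and replays it: the local tag still verifies
    try:
        mem.read(2)
        return False
    except ValueError:
        return True
```

Recomputing the whole tree on every write, as done here, is what the cache-based schemes the paper builds on avoid in hardware; the trust split (root on chip, everything else off chip) is the part that carries over.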
