CryptoPage: An Efficient Secure Architecture with Memory Encryption, Integrity and Information Leakage Protection

Several secure computing hardware architectures using memory encryption and memory integrity checkers have been proposed during the past few years to provide applications with a tamper resistant environment. Some solutions, such as Hide, have also been proposed to solve the problem of information leakage on the address bus. We propose the CryptoPage architecture which implements memory encryption, memory integrity protection checking and information leakage protection together with a low performance penalty (3% slowdown on average) by combining the counter mode of operation, local authentication values and Merkle trees

[1]  Ronan Keryell CryptoPage-2 : un processeur sØcurisØ contre le rejeu , 2003 .

[2]  G. Edward Suh,et al.  Design and implementation of the AEGIS single-chip secure processor using physical random functions , 2005, 32nd International Symposium on Computer Architecture (ISCA'05).

[3]  John L. Henning SPEC CPU2000: Measuring CPU Performance in the New Millennium , 2000, Computer.

[4]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[5]  Andrew Huang,et al.  Keeping Secrets in Hardware: The Microsoft Xbox™ Case Study , 2002, CHES.

[6]  Tao Zhang,et al.  HIDE: an infrastructure for efficiently protecting information leakage on the address bus , 2004, ASPLOS XI.

[7]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[8]  Mark Horowitz,et al.  Implementing an untrusted operating system on trusted hardware , 2003, SOSP '03.

[9]  G. Edward Suh,et al.  Caches and hash trees for efficient memory integrity verification , 2003, The Ninth International Symposium on High-Performance Computer Architecture, 2003. HPCA-9 2003. Proceedings..

[10]  Dan Boneh,et al.  Architectural support for copy and tamper resistant software , 2000, SIGP.

[11]  Brian Rogers,et al.  Improving Cost, Performance, and Security of Memory Encryption and Authentication , 2006, 33rd International Symposium on Computer Architecture (ISCA'06).

[12]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[13]  Mihir Bellare,et al.  A concrete security treatment of symmetric encryption , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[14]  Hsien-Hsin S. Lee,et al.  High efficiency counter mode security architecture via prediction and precomputation , 2005, 32nd International Symposium on Computer Architecture (ISCA'05).

[15]  Cédric Lauradoux,et al.  CryptoPage : Support matériel pour cryptoprocessus , 2005, Tech. Sci. Informatiques.

[16]  Todd M. Austin,et al.  SimpleScalar: An Infrastructure for Computer System Modeling , 2002, Computer.

[17]  Dwaine E. Clarke,et al.  Towards constant bandwidth overhead integrity checking of untrusted data , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[18]  D. McGrew,et al.  The Galois/Counter Mode of Operation (GCM) , 2005 .

[19]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[20]  G. Edward Suh,et al.  AEGIS: architecture for tamper-evident and tamper-resistant processing , 2003, ICS.

[21]  Chanathip Namprempre,et al.  Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm , 2000, Journal of Cryptology.