Guaranteeing memory integrity in secure processors with Dynamic Trees

Due to widespread software copyright violations (piracy, reverse engineering and tampering), significant efforts have been made to protect applications from host attacks. With the advent of open operating systems like Linux, it has become even easier for adversaries to hack the OS and inflict such attacks. As a result, it is becoming increasingly difficult to trust the OS to protect software copyrights. Recently, an eXecution Only Memory (XOM) architecture has been proposed to support copy- and tamper-resistant software, where the program and data are stored in encrypted form outside the CPU boundary and decrypted just before being executed by the CPU. XOM uses a memory integrity verification scheme that can protect it against spoofing and splicing attacks but cannot protect it against replay attacks. In this report, we present an efficient memory-integrity verification scheme called Dynamic Trees (or D-Trees), which eliminates these kinds of attacks and provides an efficient implementation. D-Trees create a recursive tree structure with multiple root nodes and eliminate many shortcomings of Merkle trees (higher latency for updates and limited arity). This report also presents a brief survey of existing schemes proposed to improve Merkle trees and their relative advantages and disadvantages.
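The following is an added illustration, not code from the report. It assumes the MAC-only scheme tags each external memory block with a keyed MAC over its address and contents, and shows why that catches spoofing and splicing but accepts a replayed stale block, while a plain Merkle tree with its root held on-chip rejects the replay. The key, block contents and function names are constructed, and the tree is the baseline Merkle tree, not D-Trees.

```python
import hashlib
import hmac

KEY = b"constructed-on-chip-key"  # constructed key, assumed never to leave the CPU

def mac(addr, data):
    """Per-block tag bound to the block address (the assumed MAC-only scheme)."""
    return hmac.new(KEY, addr.to_bytes(8, "big") + data, hashlib.sha256).digest()

def mac_ok(mem, addr):
    data, tag = mem[addr]
    return hmac.compare_digest(tag, mac(addr, data))

def merkle_root(mem):
    """Root of a binary hash tree over all blocks (block count is a power of two)."""
    level = [hashlib.sha256(mem[a][0]).digest() for a in sorted(mem)]
    while len(level) > 1:
        level = [hashlib.sha256(level[i] + level[i + 1]).digest()
                 for i in range(0, len(level), 2)]
    return level[0]

def run_demo():
    # Untrusted external memory: address -> (data, tag). Constructed sample blocks.
    blocks = [b"bal=100", b"key=abc", b"cnt=001", b"flg=off"]
    mem = {a: (d, mac(a, d)) for a, d in enumerate(blocks)}
    results = {}

    # Spoofing: contents replaced with arbitrary data, old tag left in place.
    spoofed = {**mem, 0: (b"bal=999", mem[0][1])}
    results["spoof_detected_by_mac"] = not mac_ok(spoofed, 0)

    # Splicing: a valid (data, tag) pair from address 1 copied to address 0.
    spliced = {**mem, 0: mem[1]}
    results["splice_detected_by_mac"] = not mac_ok(spliced, 0)

    # Replay: the CPU updates address 0, then the stale pair is written back.
    stale = mem[0]
    mem[0] = (b"bal=050", mac(0, b"bal=050"))
    trusted_root = merkle_root(mem)  # recomputed on update, stored on-chip
    replayed = {**mem, 0: stale}
    results["replay_detected_by_mac"] = not mac_ok(replayed, 0)
    results["replay_detected_by_tree"] = merkle_root(replayed) != trusted_root
    return results

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The stale pair passes the MAC check because its tag was genuinely produced for that address; only state that changes with every write and is kept inside the trust boundary, here the tree root, distinguishes old from current contents.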
