Feasibility study of dynamic Trusted Platform Module

A Trusted Platform Module (TPM) authenticates general purpose computing platforms. This is done by taking platform integrity measurement and comparing it with a precomputed value at boot-time. Existing TPM architectures do not support run-time integrity checking of a program on the platform. Attackers can modify the program after it has been verified at the Time Of Check (TOC) and before its Time Of Use (TOU). In this paper we study the feasibility of integrating a dynamic on-chip TPM (DTPM) into the core processor pipeline to protect against TOCTOU attacks. We explore the challenges involved in designing DTPM and describe techniques to improve its performance. The proposed DTPM has 2.5% area overhead and 18% performance impact when compared to a single processor core without DTPM.

[1]  Zhou Tong,et al.  An efficient ASIC implementation of SHA-1 engine for TPM , 2004, The 2004 IEEE Asia-Pacific Conference on Circuits and Systems, 2004. Proceedings..

[2]  Alok N. Choudhary,et al.  CODESSEAL: Compiler/FPGA Approach to Secure Applications , 2005, ISI.

[3]  Quinn Jacobson,et al.  Trace processors , 1997, Proceedings of 30th Annual International Symposium on Microarchitecture.

[4]  Gabriel H. Loh,et al.  Zesto: A cycle-level simulator for highly detailed microarchitecture exploration , 2009, 2009 IEEE International Symposium on Performance Analysis of Systems and Software.

[5]  John Paul Shen,et al.  Processor Control Flow Monitoring Using Signatured Instruction Streams , 1987, IEEE Transactions on Computers.

[6]  Sergey Bratus,et al.  TOCTOU, Traps, and Trusted Computing , 2008, TRUST.

[7]  Ruby B. Lee,et al.  Runtime execution monitoring (REM) to detect and prevent malicious code execution , 2004, IEEE International Conference on Computer Design: VLSI in Computers and Processors, 2004. ICCD 2004. Proceedings..

[8]  G. Edward Suh,et al.  Caches and hash trees for efficient memory integrity verification , 2003, The Ninth International Symposium on High-Performance Computer Architecture, 2003. HPCA-9 2003. Proceedings..

[9]  David A. Patterson,et al.  Computer Architecture: A Quantitative Approach , 1969 .

[10]  Donald Yeung,et al.  BioBench: A Benchmark Suite of Bioinformatics Applications , 2005, IEEE International Symposium on Performance Analysis of Systems and Software, 2005. ISPASS 2005..