High-efficiency protection solution for off-chip memory in embedded systems

This paper proposes a complete hardware solution for embedded systems that fully protects off-chip memory. Our security core is based on one-time pad (OTP) encryption and a CRC32 integrity check module. These modules safeguard external memories for embedded processors against a series of well-known attacks, including replay attacks, spoofing attacks and relocation attacks. The implementation limits memory space overhead to about 18.75% and reduces memory latency from 14 cycles for an alternate approach to 3 clock cycles. An FPGA-based implementation of the security core has been completed to gauge the security overhead and to compare our approach with existing solutions.
