Memory Confidentiality and Integrity Protection Method Based on Variable Length Counter

Focusing on the problem of high overhead and frequent overflow of counter mode encryption, this paper proposed an efficient scheme to protect data confidentiality and integrity. Based on the locality character of data accessing, the scheme set different counter length for memory area according to different accessing frequency and the counter length can be dynamic adjusted. The analysis and the simulation results indicated that compared with the counter mode encryption, the scheme can decrease memory space overhead and the number of overflow. The proposed scheme can be applied to other schemes of protecting confidentiality and integrity based on counters and can satisfy performance requirement for most applications.

[1]  Lionel Torres,et al.  TEC-Tree: A Low-Cost, Parallelizable Tree for Efficient Defense Against Memory Replay Attacks , 2007, CHES.

[2]  Manhee Lee,et al.  I2SEMS: Interconnects-Independent Security Enhanced Shared Memory Multiprocessor Systems , 2007, 16th International Conference on Parallel Architecture and Compilation Techniques (PACT 2007).

[3]  John Flynn,et al.  Adapting the SPEC 2000 benchmark suite for simulation-based computer architecture research , 2001 .

[4]  Brian Rogers,et al.  Single-level integrity and confidentiality protection for distributed shared memory multiprocessors , 2008, 2008 IEEE 14th International Symposium on High Performance Computer Architecture.

[5]  H.-H.S. Lee,et al.  Architectural support for high speed protection of memory integrity and confidentiality in multiprocessor systems , 2004, Proceedings. 13th International Conference on Parallel Architecture and Compilation Techniques, 2004. PACT 2004..

[6]  Brian Rogers,et al.  Efficient data protection for distributed shared memory multiprocessors , 2006, 2006 International Conference on Parallel Architectures and Compilation Techniques (PACT).

[7]  Tao Zhang,et al.  M-TREE: A high efficiency security architecture for protecting integrity and privacy of software , 2006, J. Parallel Distributed Comput..

[8]  Hsien-Hsin S. Lee,et al.  Accelerating memory decryption and authentication with frequent value prediction , 2007, CF '07.

[9]  Hsien-Hsin S. Lee,et al.  High Efficiency Counter Mode Security Architecture via Prediction and Precomputation , 2005, ISCA 2005.

[10]  G. Edward Suh,et al.  Caches and hash trees for efficient memory integrity verification , 2003, The Ninth International Symposium on High-Performance Computer Architecture, 2003. HPCA-9 2003. Proceedings..

[11]  Brian Rogers,et al.  Improving Cost, Performance, and Security of Memory Encryption and Authentication , 2006, 33rd International Symposium on Computer Architecture (ISCA'06).

[12]  Brian Rogers,et al.  Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS- and Performance-Friendly , 2007, 40th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO 2007).

[13]  G. Edward Suh,et al.  Orthrus: efficient software integrity protection on multi-cores , 2010, ASPLOS 2010.

[14]  Charanjit S. Jutla,et al.  Parallelizable Authentication Trees , 2005, IACR Cryptol. ePrint Arch..

[15]  Marten van Dijk,et al.  Efficient memory integrity verification and encryption for secure processors , 2003, Proceedings. 36th Annual IEEE/ACM International Symposium on Microarchitecture, 2003. MICRO-36..

[16]  Xiangyu Zhang,et al.  SENSS: security enhancement to symmetric shared memory multiprocessors , 2005, 11th International Symposium on High-Performance Computer Architecture.

[17]  Todd M. Austin,et al.  SimpleScalar: An Infrastructure for Computer System Modeling , 2002, Computer.