Calendar

Current Events

3.30

Creating a Sustainable Society

3.16

Sustainable Energy Engineering

2.28

National Science Foundation Day

2.17

Reformulation-Based Approaches to Query Optimization

2.15

FREEDM Day

2.10

WEST: Cloning Data Cache Behavior using Stochastic Traces

2.09

Computer Vision and Image Analysis in the Study of Art

2.08

GSA Social

2.03

Skewed functional processes and their applications

Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS- and Performance-Friendly

Abstract:

In today's digital world, computer security issues have become increasingly important. In particular, researchers have proposed designs for secure processors which utilize hardware-based memory encryption and integrity verification to protect the privacy and integrity of computations even from sophisticated physical attacks. However, currently proposed schemes remain hampered by problems that make them impractical for use in today's computer systems such as lack of virtual memory and Inter-Process Communication support as well as excessive storage and performance overheads. In this paper, we propose 1) Address Independent Seed Encryption (AISE), a counter-mode based memory encryption scheme using a novel seed composition, and 2) Bonsai Merkle Trees (BMT), a novel Merkle Tree-based memory integrity verification technique, to eliminate these system and performance issues associated with prior counter-mode memory encryption and Merkle Tree integrity verification schemes. We present both a qualitative discussion and quantitative analysis to illustrate the advantages of our techniques over previously proposed approaches in terms of both complexity and feasibility as well as performance and storage. Our results show that AISE+BMT reduces the overhead of prior memory encryption and integrity verification schemes from 12% to 2% on average, while eliminating their critical system-level problems.