Replay attacks are often the most costly attacks to thwart when dealing with off-chip memory integrity. With a trusted System-on-Chip, the existing countermeasures against replay require a large amount of on-chip memory to provide tamper-proof storage for metadata such as hash values or nonces. Tree-based strategies can be deployed to reduce this unacceptable overhead; for example, the well-known Merkle tree technique decreases this overhead to a single hash value. However, it comes at the cost of performance-killing characteristics for embedded systems, e.g. non-parallelizable hash computations on tree updates. In this paper, we propose an alternative solution: the Tamper-Evident Counter Tree (TEC-Tree). It allows for tamper-evident off-chip storage of the nonces involved in a replay countermeasure; TEC-Tree parallelizes the computations involved in both the authentication and tree update processes. Moreover, because our tree relies on block encryption, it provides data confidentiality at no extra cost. TEC-Tree is a deployable solution for memory integrity, with a low performance hit and hardware cost.