Cipher Instruction Search Attack on the Bus-Encryption Security Microcontroller DS5002FP
IEEE Transactions on Computers
Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Handbook of Applied Cryptography
Handbook of Applied Cryptography
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Caches and Hash Trees for Efficient Memory Integrity Verification
HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Tamper Resistance Mechanisms for Secure, Embedded Systems
VLSID '04 Proceedings of the 17th International Conference on VLSI Design
Security as a new dimension in embedded system design
Proceedings of the 41st annual Design Automation Conference
Architectural support for copy and tamper-resistant software
Architectural support for copy and tamper-resistant software
Improving Memory Encryption Performance in Secure Processors
IEEE Transactions on Computers
A 3.84 gbits/s AES crypto coprocessor with modes of operation in a 0.18-μm CMOS technology
GLSVLSI '05 Proceedings of the 15th ACM Great Lakes symposium on VLSI
Architecture for Protecting Critical Secrets in Microprocessors
Proceedings of the 32nd annual international symposium on Computer Architecture
Improving Cost, Performance, and Security of Memory Encryption and Authentication
Proceedings of the 33rd annual international symposium on Computer Architecture
A parallelized way to provide data encryption and integrity checking on a processor-memory bus
Proceedings of the 43rd annual Design Automation Conference
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Aegis: a single-chip secure processor
Aegis: a single-chip secure processor
Proceedings of the 40th Annual IEEE/ACM International Symposium on Microarchitecture
TEC-Tree: A Low-Cost, Parallelizable Tree for Efficient Defense Against Memory Replay Attacks
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
A security approach for off-chip memory in embedded microprocessor systems
Microprocessors & Microsystems
Hardware Mechanisms for Memory Authentication: A Survey of Existing Techniques and Engines
Transactions on Computational Science IV
Cryptanalysis of two variants of PCBC mode when used for message integrity
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Parallelizable authentication trees
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Hi-index | 0.00 |
The bus between the System on Chip (SoC) and the external memory is one of the weakest points of computer systems: an adversary can easily probe this bus in order to read private data (data confidentiality concern) or to inject data (data integrity concern). The conventional way to protect data against such attacks and to ensure data confidentiality and integrity is to implement two dedicated engines: one performing data encryption and another data authentication. This approach, while secure, prevents parallelizability of the underlying computations. In this paper, we introduce the concept of Block-Level Added Redundancy Explicit Authentication (BL-AREA) and we describe a Parallelized Encryption and Integrity Checking Engine (PE-ICE) based on this concept. BL-AREA and PE-ICE have been designed to provide an effective solution to ensure both security services while allowing for full parallelization on processor read and write operations and optimizing the hardware resources. Compared to standard encryption which ensures only confidentiality, we show that PE-ICE additionally guarantees code and data integrity for less than 4% of run-time performance overhead.