Hardware Mechanisms for Memory Integrity Checking
Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our sc...
Egile Nagusiak: | , , , , |
---|---|
Argitaratua: |
2023
|
Sarrera elektronikoa: | https://hdl.handle.net/1721.1/149968 |
_version_ | 1826202730931159040 |
---|---|
author | Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas |
author_facet | Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas |
author_sort | Suh, G. Edward |
collection | MIT |
description | Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our schemes maintain incremental multiset hashes of all memory reads and writes at run-time, and can verify a {\\em sequence} of memory operations at a later time. We study the advantages and disadvantages of the two new schemes and two existing integrity checking schemes, MACs and hash trees, when implemented in hardware in a microprocessor. Simulations show that the new schemes outperform existing schemes of equivalent functionality when integrity verification is infrequent. |
first_indexed | 2024-09-23T12:16:29Z |
id | mit-1721.1/149968 |
institution | Massachusetts Institute of Technology |
last_indexed | 2024-09-23T12:16:29Z |
publishDate | 2023 |
record_format | dspace |
spelling | mit-1721.1/1499682023-03-30T03:45:55Z Hardware Mechanisms for Memory Integrity Checking Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our schemes maintain incremental multiset hashes of all memory reads and writes at run-time, and can verify a {\\em sequence} of memory operations at a later time. We study the advantages and disadvantages of the two new schemes and two existing integrity checking schemes, MACs and hash trees, when implemented in hardware in a microprocessor. Simulations show that the new schemes outperform existing schemes of equivalent functionality when integrity verification is infrequent. 2023-03-29T15:36:27Z 2023-03-29T15:36:27Z 2002-11 https://hdl.handle.net/1721.1/149968 MIT-LCS-TR-872 application/pdf |
spellingShingle | Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas Hardware Mechanisms for Memory Integrity Checking |
title | Hardware Mechanisms for Memory Integrity Checking |
title_full | Hardware Mechanisms for Memory Integrity Checking |
title_fullStr | Hardware Mechanisms for Memory Integrity Checking |
title_full_unstemmed | Hardware Mechanisms for Memory Integrity Checking |
title_short | Hardware Mechanisms for Memory Integrity Checking |
title_sort | hardware mechanisms for memory integrity checking |
url | https://hdl.handle.net/1721.1/149968 |
work_keys_str_mv | AT suhgedward hardwaremechanismsformemoryintegritychecking AT clarkedwaine hardwaremechanismsformemoryintegritychecking AT gassendblaise hardwaremechanismsformemoryintegritychecking AT vandijkmarten hardwaremechanismsformemoryintegritychecking AT devadassrinivas hardwaremechanismsformemoryintegritychecking |