Hardware Mechanisms for Memory Integrity Checking
Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our sc...
| Main Authors: | , , , , |
|---|---|
| Publicado: |
2023
|
| Acceso en liña: | https://hdl.handle.net/1721.1/149968 |
| _version_ | 1826202730931159040 |
|---|---|
| author | Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas |
| author_facet | Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas |
| author_sort | Suh, G. Edward |
| collection | MIT |
| description | Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our schemes maintain incremental multiset hashes of all memory reads and writes at run-time, and can verify a {\\em sequence} of memory operations at a later time. We study the advantages and disadvantages of the two new schemes and two existing integrity checking schemes, MACs and hash trees, when implemented in hardware in a microprocessor. Simulations show that the new schemes outperform existing schemes of equivalent functionality when integrity verification is infrequent. |
| first_indexed | 2024-09-23T12:16:29Z |
| id | mit-1721.1/149968 |
| institution | Massachusetts Institute of Technology |
| last_indexed | 2024-09-23T12:16:29Z |
| publishDate | 2023 |
| record_format | dspace |
| spelling | mit-1721.1/1499682023-03-30T03:45:55Z Hardware Mechanisms for Memory Integrity Checking Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our schemes maintain incremental multiset hashes of all memory reads and writes at run-time, and can verify a {\\em sequence} of memory operations at a later time. We study the advantages and disadvantages of the two new schemes and two existing integrity checking schemes, MACs and hash trees, when implemented in hardware in a microprocessor. Simulations show that the new schemes outperform existing schemes of equivalent functionality when integrity verification is infrequent. 2023-03-29T15:36:27Z 2023-03-29T15:36:27Z 2002-11 https://hdl.handle.net/1721.1/149968 MIT-LCS-TR-872 application/pdf |
| spellingShingle | Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas Hardware Mechanisms for Memory Integrity Checking |
| title | Hardware Mechanisms for Memory Integrity Checking |
| title_full | Hardware Mechanisms for Memory Integrity Checking |
| title_fullStr | Hardware Mechanisms for Memory Integrity Checking |
| title_full_unstemmed | Hardware Mechanisms for Memory Integrity Checking |
| title_short | Hardware Mechanisms for Memory Integrity Checking |
| title_sort | hardware mechanisms for memory integrity checking |
| url | https://hdl.handle.net/1721.1/149968 |
| work_keys_str_mv | AT suhgedward hardwaremechanismsformemoryintegritychecking AT clarkedwaine hardwaremechanismsformemoryintegritychecking AT gassendblaise hardwaremechanismsformemoryintegritychecking AT vandijkmarten hardwaremechanismsformemoryintegritychecking AT devadassrinivas hardwaremechanismsformemoryintegritychecking |