Hardware Mechanisms for Memory Integrity Checking

Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our sc...

Deskribapen osoa

Xehetasun bibliografikoak
Egile Nagusiak: Suh, G. Edward, Clarke, Dwaine, Gassend, Blaise, van Dijk, Marten, Devadas, Srinivas
Argitaratua: 2023
Sarrera elektronikoa:https://hdl.handle.net/1721.1/149968
_version_ 1826202730931159040
author Suh, G. Edward
Clarke, Dwaine
Gassend, Blaise
van Dijk, Marten
Devadas, Srinivas
author_facet Suh, G. Edward
Clarke, Dwaine
Gassend, Blaise
van Dijk, Marten
Devadas, Srinivas
author_sort Suh, G. Edward
collection MIT
description Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our schemes maintain incremental multiset hashes of all memory reads and writes at run-time, and can verify a {\\em sequence} of memory operations at a later time. We study the advantages and disadvantages of the two new schemes and two existing integrity checking schemes, MACs and hash trees, when implemented in hardware in a microprocessor. Simulations show that the new schemes outperform existing schemes of equivalent functionality when integrity verification is infrequent.
first_indexed 2024-09-23T12:16:29Z
id mit-1721.1/149968
institution Massachusetts Institute of Technology
last_indexed 2024-09-23T12:16:29Z
publishDate 2023
record_format dspace
spelling mit-1721.1/1499682023-03-30T03:45:55Z Hardware Mechanisms for Memory Integrity Checking Suh, G. Edward Clarke, Dwaine Gassend, Blaise van Dijk, Marten Devadas, Srinivas Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the integrity of untrusted external memory using a very small amount of trusted on-chip storage. Our schemes maintain incremental multiset hashes of all memory reads and writes at run-time, and can verify a {\\em sequence} of memory operations at a later time. We study the advantages and disadvantages of the two new schemes and two existing integrity checking schemes, MACs and hash trees, when implemented in hardware in a microprocessor. Simulations show that the new schemes outperform existing schemes of equivalent functionality when integrity verification is infrequent. 2023-03-29T15:36:27Z 2023-03-29T15:36:27Z 2002-11 https://hdl.handle.net/1721.1/149968 MIT-LCS-TR-872 application/pdf
spellingShingle Suh, G. Edward
Clarke, Dwaine
Gassend, Blaise
van Dijk, Marten
Devadas, Srinivas
Hardware Mechanisms for Memory Integrity Checking
title Hardware Mechanisms for Memory Integrity Checking
title_full Hardware Mechanisms for Memory Integrity Checking
title_fullStr Hardware Mechanisms for Memory Integrity Checking
title_full_unstemmed Hardware Mechanisms for Memory Integrity Checking
title_short Hardware Mechanisms for Memory Integrity Checking
title_sort hardware mechanisms for memory integrity checking
url https://hdl.handle.net/1721.1/149968
work_keys_str_mv AT suhgedward hardwaremechanismsformemoryintegritychecking
AT clarkedwaine hardwaremechanismsformemoryintegritychecking
AT gassendblaise hardwaremechanismsformemoryintegritychecking
AT vandijkmarten hardwaremechanismsformemoryintegritychecking
AT devadassrinivas hardwaremechanismsformemoryintegritychecking