Fully Batch Processing Enabled Memory Integrity Verification Algorithm Based on Merkle Tree
详细信息    查看全文
  • 关键词:Memory integrity ; Incremental multiset hash function ; Temper ; resistant ; Merkle tree
  • 刊名:Lecture Notes in Computer Science
  • 出版年:2016
  • 出版时间:2016
  • 年:2016
  • 卷:9503
  • 期:1
  • 页码:386-398
  • 全文大小:905 KB
  • 参考文献:1.Bellard, F.: QEMU, a Fast and Portable Dynamic Translator. In: USENIX Annual Technical Conference, FREENIX Track, pp. 41–46 (2005)
    2.Blum, M., Evans, W., Gemmell, P., Kannan, S., Naor, M.: Checking the cor-rectness of memories. In: Proceedings of the 32nd IEEE Symposium on Foundations of Computer Science 1991, pp. 90–99 (1991)
    3.Clarke, D., Devadas, S., van Dijk, M., Gassend, B., Suh, G.: Incremental multiset hash functions and their application to memory integrity checking. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 188–207. Springer, Heidelberg (2003)CrossRef
    4.Clarke, D., Suh, G.E., Gassend, B., Sudan, A., Van Dijk, M., Devadas, S.: Towards constant bandwidth overhead integrity checking of untrusted data. In: IEEE Symposium on Security and Privacy, 2005, pp. 139–153 (2005)
    5.Eastlake, D., Jones, P.: US secure hash algorithm 1 (SHA1) (2001). http://​www.​hjp.​at/​doc/​rfc/​rfc3174.​html
    6.Foster, I., Zhao, Y., Raicu, I., Lu, S.: Cloud computing and grid computing 360-degree compared. Grid Comput. Environ. Workshop 2008, 1–10 (2008)
    7.Gassend, B., Suh, G.E., Clarke, D., Van Dijk, M., Devadas, S.: Caches and hash trees for efficient memory integrity verification. High Perform. Comput. Archit. 2003, 295–306 (2003)
    8.Henning, J.L.: SPEC CPU2006 benchmark descriptions. ACM SIGARCH Comput. Architect. News 34(4), 1–17 (2006)CrossRef MathSciNet
    9.Merkle, R.C.: Protocols for public key cryptosystems. IEEE Symp. Secur. Priv. 1980, 122–123 (1980)
    10.Patel, A., Afram, F., Ghose, K.: Marss-x86: A qemu-based micro-architectural and systems simulator for x86 multicore processors. In: 1st International Qemu Users’ Forum, pp. 29–30 (2011)
    11.Rogers, B., Chhabra, S., Prvulovic, M., Solihin, Y.: Using address independent seed encryption and bonsai merkle trees to make secure processors os and performance-friendly. In: Proceedings of the 40th Annual IEEE/ACM International Symposium on Microarchitecture 2007, pp. 183–196 (2007)
    12.Suh, G.E., Clarke, D., Gassend, B., Dijk, M.V., Devadas, S.: Efficient memory integrity verification and encryption for secure processors. In: Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture 2003, p. 339 (2003)
    13.Szefer, J., Biedermann, S.: Towards fast hardware memory integrity checking with skewed Merkle trees. In: Proceedings of the Third Workshop on Hard-ware and Architectural Support for Security and Privacy 2014, p. 9 (2014)
    14.Yourst, M.T.: PTLsim: A cycle accurate full system x86-64 microarchitec-tural simulator. In: IEEE International Symposium on Performance Analysis of Systems & Software, ISPASS 2007, pp. 23–34 (2007)
  • 作者单位:Se Hwan Kim (15)
    Yonggon Kim (15)
    Ohmin Kwon (15)
    Hyunsoo Yoon (15)

    15. School of Computing, Korea Advanced Institute of Science and Technology (KAIST), Daejeon, 305-701, Republic of Korea
  • 丛书名:Information Security Applications
  • ISBN:978-3-319-31875-2
  • 刊物类别:Computer Science
  • 刊物主题:Artificial Intelligence and Robotics
    Computer Communication Networks
    Software Engineering
    Data Encryption
    Database Management
    Computation by Abstract Devices
    Algorithm Analysis and Problem Complexity
  • 出版者:Springer Berlin / Heidelberg
  • ISSN:1611-3349
文摘
Memory attacks have been increasing in number recently. Adversary can manipulate memory data or break system by doing active attacks. Especially, main memory is used as a target of attack, because main memory is more vulnerable than other components, such as CPU. To prevent adversary’s active attack, memory integrity verification algorithm has been proposed. Protection of computer’s memory integrity is important in situations where attacks on the computer systems are a threat. As technology has advanced, computer systems migrate from wire-based to wireless system. A lot of memory integrity verification algorithms are already developed, but these algorithms do not consider new wireless platform. Wireless platform is constrained by a lack of storage and power supply in comparison with wire-based system, therefore computational overhead and storage overhead must be considered when applying to algorithm, which is used in wireless system. In this study, integrity verification performance can be improved by doing batch-processing. Previous verification algorithms based on Merkle tree do not support fully batch processing verification. We propose fully batch processing enabled memory integrity verification algorithm based on Merkle tree. This algorithms can verify memory integrity in completely batches. For implement our algorithm, we use Incremental multiset hash function, and as a result, consume only 480-bit on-chip storage. Reducing consumption of on-chip storage leads to improving on the performance of computation. We implement our algorithm and previous memory integrity verification algorithms based on standard Merkle tree and lazy-processing Merkle tree in simulator to compare their performance. Our algorithm offers better system performance overall, especially when attack rarely occur.

© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号

地址:北京市海淀区学院路29号 邮编:100083

电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700