Abstract
Tamper-evident and tamper-resistant systems are vital to support applications such as digital right management and certified grid computing. Recently proposed schemes, such as XOM and AEGIS, assume trusting processor state only to build secure systems. Secure execution for shared memory multiprocessor is a challenging problem as multiple devices need to be trusted.
In this work, we propose a framework for providing secure execution on a bus-based multiprocessor system that tackles the key distribution problem, the overhead of encryption/decryption and the memory integrity overheads. We show how to remove the encryption/decryption latencies from the critical path of execution using pseudo one-time-pad.
While verifying the integrity of all memory transactions, we use a special buffer to check for replay on a random set of memory lines. Replay can be detected with certainty of 99.99%, even if the lines replayed are less than 1%.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
The Trusted Computing Platform Alliance, http://www.trustedpc.com
Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architecural Support for Copy and Tamper Resistant Software. In: 9th Int’l Conf. on Arch. Support for Prog. Lang. and Operating Systems, pp. 168–177 (2000)
Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing. In: 17th Int’l Conf. on Supercomputing, pp. 160–171 (2003)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography, vol. 5th printing. CRC Press, Boca Raton (2001)
Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: Efficient Memory Integrity Verification and Encryption for Secure Processors. In: 36th Int’l Symp. in Microarchitecture, pp. 339–350 (2003)
Yang, J., Zhang, Y., Gao, L.: Fast Secure Processor for Inhibiting Software Piracy and Tampering. In: 36th Int’l Symp. in Microarchitecture, pp. 351–360 (2003)
Shi, W., Lee, H.H.S., Ghosh, M., Lu, C., Zhang, T.: Architecture Support for High Speed Protection of Memory Integrity and Confidentiality in Symmetric Multiprocessor. In: 13th Int’l Conf. on Parallel Arch. and Compilation Tech., pp. 123–134 (2004)
Zhuang, X., Pande, T.Z.S.: HIDE: An Infrastucture for Efficiently Protecting Information Leakage on the Address Bus. In: 11th Int’l Conf. on Arch. Support for Prog. Lang. and Operating Systems, pp. 72–84 (2004)
Zhang, Y., Gao, L., Yang, J., Zhang, X., Gupta, R.: SENSS: Security Enhancement to Symmetric Shared Memory Multiprocessors. In: 11th Int’l Conf. on High-Performance Computer Architecture, pp. 352–362 (2005)
Solihin, Y., Lee, J., Torrellas, J.: Prefetching in an Intelligent Memory Architecture using Helper Threads. In: 5th Workshop on Multithreaded Execution, Architecture, and Compilation (2001)
Chiou, G.H., Chen, W.T.: Secure Broadcasting Using Secure Lock. IEEE Trans. on Software Engineering 15(8), 929–934 (1989)
Clarke, D., Suh, G.E., Gassend, B., van Dijk, M., Devadas, S.: Checking the Integrity of a Memory in a Snooping-Based Symmetric Multiprocessor (SMP) System. MIT LCS memo-470 (2004)
Kaxiras, S., Hu, Z., Martonosi, M.: Cache Decay: Exploiting Generational Behavior to Reduce Cache Leakage Power. In: 28th Int’l Symp. on Computer Architecture, pp. 240–251 (2001)
Rosenblum, M., Bugnion, E., Devine, S., Herrod, S.A.: Using the SimOS Machine Simulator to Study Complex Computer Systems. Modeling and Computer Simulation 7, 78–103 (1997)
Woo, S., Ohara, M., Torrie, E., Singh, J.P., Gupta, A.: The SPLASH-2 Programs: Characterization and Methodological Considerations. In: 22nd Int’l Symp. on Computer Architecture, pp. 24–36 (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ibrahim, K.Z. (2005). Efficient Architectural Support for Secure Bus-Based Shared Memory Multiprocessor. In: Srikanthan, T., Xue, J., Chang, CH. (eds) Advances in Computer Systems Architecture. ACSAC 2005. Lecture Notes in Computer Science, vol 3740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11572961_52
Download citation
DOI: https://doi.org/10.1007/11572961_52
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29643-0
Online ISBN: 978-3-540-32108-8
eBook Packages: Computer ScienceComputer Science (R0)