Abstract
Memory attacks have been increasing in number recently. Adversary can manipulate memory data or break system by doing active attacks. Especially, main memory is used as a target of attack, because main memory is more vulnerable than other components, such as CPU. To prevent adversary’s active attack, memory integrity verification algorithm has been proposed. Protection of computer’s memory integrity is important in situations where attacks on the computer systems are a threat. As technology has advanced, computer systems migrate from wire-based to wireless system. A lot of memory integrity verification algorithms are already developed, but these algorithms do not consider new wireless platform. Wireless platform is constrained by a lack of storage and power supply in comparison with wire-based system, therefore computational overhead and storage overhead must be considered when applying to algorithm, which is used in wireless system. In this study, integrity verification performance can be improved by doing batch-processing. Previous verification algorithms based on Merkle tree do not support fully batch processing verification. We propose fully batch processing enabled memory integrity verification algorithm based on Merkle tree. This algorithms can verify memory integrity in completely batches. For implement our algorithm, we use Incremental multiset hash function, and as a result, consume only 480-bit on-chip storage. Reducing consumption of on-chip storage leads to improving on the performance of computation. We implement our algorithm and previous memory integrity verification algorithms based on standard Merkle tree and lazy-processing Merkle tree in simulator to compare their performance. Our algorithm offers better system performance overall, especially when attack rarely occur.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Bellard, F.: QEMU, a Fast and Portable Dynamic Translator. In: USENIX Annual Technical Conference, FREENIX Track, pp. 41–46 (2005)
Blum, M., Evans, W., Gemmell, P., Kannan, S., Naor, M.: Checking the cor-rectness of memories. In: Proceedings of the 32nd IEEE Symposium on Foundations of Computer Science 1991, pp. 90–99 (1991)
Clarke, D., Devadas, S., van Dijk, M., Gassend, B., Suh, G.: Incremental multiset hash functions and their application to memory integrity checking. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 188–207. Springer, Heidelberg (2003)
Clarke, D., Suh, G.E., Gassend, B., Sudan, A., Van Dijk, M., Devadas, S.: Towards constant bandwidth overhead integrity checking of untrusted data. In: IEEE Symposium on Security and Privacy, 2005, pp. 139–153 (2005)
Eastlake, D., Jones, P.: US secure hash algorithm 1 (SHA1) (2001). http://www.hjp.at/doc/rfc/rfc3174.html
Foster, I., Zhao, Y., Raicu, I., Lu, S.: Cloud computing and grid computing 360-degree compared. Grid Comput. Environ. Workshop 2008, 1–10 (2008)
Gassend, B., Suh, G.E., Clarke, D., Van Dijk, M., Devadas, S.: Caches and hash trees for efficient memory integrity verification. High Perform. Comput. Archit. 2003, 295–306 (2003)
Henning, J.L.: SPEC CPU2006 benchmark descriptions. ACM SIGARCH Comput. Architect. News 34(4), 1–17 (2006)
Merkle, R.C.: Protocols for public key cryptosystems. IEEE Symp. Secur. Priv. 1980, 122–123 (1980)
Patel, A., Afram, F., Ghose, K.: Marss-x86: A qemu-based micro-architectural and systems simulator for x86 multicore processors. In: 1st International Qemu Users’ Forum, pp. 29–30 (2011)
Rogers, B., Chhabra, S., Prvulovic, M., Solihin, Y.: Using address independent seed encryption and bonsai merkle trees to make secure processors os and performance-friendly. In: Proceedings of the 40th Annual IEEE/ACM International Symposium on Microarchitecture 2007, pp. 183–196 (2007)
Suh, G.E., Clarke, D., Gassend, B., Dijk, M.V., Devadas, S.: Efficient memory integrity verification and encryption for secure processors. In: Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture 2003, p. 339 (2003)
Szefer, J., Biedermann, S.: Towards fast hardware memory integrity checking with skewed Merkle trees. In: Proceedings of the Third Workshop on Hard-ware and Architectural Support for Security and Privacy 2014, p. 9 (2014)
Yourst, M.T.: PTLsim: A cycle accurate full system x86-64 microarchitec-tural simulator. In: IEEE International Symposium on Performance Analysis of Systems & Software, ISPASS 2007, pp. 23–34 (2007)
Acknowledgements
This work was supported by the National Research Foundation of Korea Grant funded by the Korean Government (NRF-2014R1A2A2A01006957) and the Institute for Information & communication Technology Promotion (IITP) grant funded by the Korea government. (MSIP) (No. 10041244, SmartTV 2.0 Software Platform).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Kim, S.H., Kim, Y., Kwon, O., Yoon, H. (2016). Fully Batch Processing Enabled Memory Integrity Verification Algorithm Based on Merkle Tree. In: Kim, Hw., Choi, D. (eds) Information Security Applications. WISA 2015. Lecture Notes in Computer Science(), vol 9503. Springer, Cham. https://doi.org/10.1007/978-3-319-31875-2_32
Download citation
DOI: https://doi.org/10.1007/978-3-319-31875-2_32
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-31874-5
Online ISBN: 978-3-319-31875-2
eBook Packages: Computer ScienceComputer Science (R0)