Skip to main content
Springer Nature Link
Log in

Authenticated Encryption Primitives for Size-Constrained Trusted Computing

  • Conference paper
Trust and Trustworthy Computing (Trust 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7344))

Included in the following conference series:

  • 2268 Accesses

Abstract

Trusted execution environments (TEEs) are widely deployed both on mobile devices as well as in personal computers. TEEs typically have a small amount of physically secure memory but they are not enough to realize certain algorithms, such as authenticated encryption modes, in the standard manner. TEEs can however access the much larger but untrusted system memory using which “pipelined” variants of these algorithms can be realized by gradually reading input from, and/or writing output to the untrusted memory. In this paper, we motivate the need for pipelined variants of authenticated encryption modes in TEEs, describe a pipelined version of the EAX mode, and prove that it is as secure as standard, “baseline”, EAX. We point out potential pitfalls in mapping the abstract description of a pipelined variant to concrete implementation and discuss how these can be avoided. We also discuss other algorithms which can be adapted to the pipelined setting and proved correct in a similar fashion.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. ARM. Trustzone-enabled processor, http://www.arm.com/pdfs/DDI0301D_arm1176jzfs_r0p2_trm.pdf

  2. Bellare, M., Rogaway, P.: The game playing technique (2004), http://eprint.iacr.org/2004/331

  3. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS 1993: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM, New York (1993)

    Chapter  Google Scholar 

  4. Bellare, M., Rogaway, P., Wagner, D.: The EAX Mode of Operation. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 389–407. Springer, Heidelberg (2004), doi:10.1007/978-3-540-25937-4-25

    Chapter  Google Scholar 

  5. Boldyreva, A., Taesombut, N.: Online Encryption Schemes: New Security Notions and Constructions. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 1–14. Springer, Heidelberg (2004), doi:10.1007/978-3-540-24660-2-1

    Chapter  Google Scholar 

  6. Fouque, P.-A., Joux, A., Martinet, G., Valette, F.: Authenticated On-Line Encryption. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 145–159. Springer, Heidelberg (2004), doi:10.1007/978-3-540-24654-1-11

    Chapter  Google Scholar 

  7. GlobalPlatform Device Technology. TEE Internal API Specification. Global Platform, vrtsion 0.27 edition (September 2011), http://www.globalplatform.org/specificationform.asp?fid=7762

  8. Intel Corporation. Trusted eXecution Technology (TXT) – Measured LaunchedEnvironment Developer’s Guide (December 2009)

    Google Scholar 

  9. Kostiainen, K., Ekberg, J.-E., Asokan, N., Rantala, A.: On-board credentials with open provisioning. In: ASIACCS 2009: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pp. 104–115. ACM, New York (2009)

    Google Scholar 

  10. Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software. SIGPLAN Not. 35(11), 168–177 (2000)

    Article  Google Scholar 

  11. Srage, J., Azema, J.: M-Shield mobile security technology, TI White paper (2005), http://focus.ti.com/pdfs/wtbu/ti_mshield_whitepaper.pdf

  12. Edward Suh, G., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: Efficient memory integrity verification and encryption for secure processors. In: MICRO 36: Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture, p. 339. IEEE Computer Society, Washington, DC (2003)

    Google Scholar 

  13. Edward Suh, G., O’Donnell, C.W., Sachdev, I., Devadas, S.: Design and implementation of the aegis single-chip secure processor using physical random functions. In: ISCA 2005: Proceedings of the 32nd Annual International Symposium on Computer Architecture, pp. 25–36. IEEE Computer Society, Washington, DC (2005)

    Google Scholar 

  14. Sundaresan, H.: OMAP platform security features, TI White paper (July 2003), http://focus.ti.com/pdfs/vf/wireless/platformsecuritywp.pdf

  15. Trusted Platform Module (TPM) Specifications, https://www.trustedcomputinggroup.org/specs/TPM/

  16. Chenyu, Y., Rogers, B., Englender, D., Solihin, D., Prvulovic, M.: Improving cost, performance, and security of memory encryption and authentication. In: 33rd International Symposium on Computer Architecture, ISCA 2006, Boston, MA, pp. 179–190 (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Nokia Research Center, Helsinki, Finland

    Jan-Erik Ekberg & N. Asokan

  2. State University of Aerospace Instrumentation, Saint-Petersburg, Russia

    Alexandra Afanasyeva

Authors
  1. Jan-Erik Ekberg
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alexandra Afanasyeva
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. N. Asokan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Technical University Darmstadt, Hochschulstrasse 10, 64289, Darmstadt, Germany

    Stefan Katzenbeisser  & Melanie Volkamer  & 

  2. Institute of Software Technology and Interactive Systems, Vienna University of Technology and SBA Research, Favoritenstrsse 9-11, 1040, Vienna, Austria

    Edgar Weippl

  3. School of Informatics, Indiana University, 901 East Tenth Street, 47405, Bloomington, IN, USA

    L. Jean Camp

  4. Department of Computer Science, University of North Carolina at Chapel Hill, 201 S. Columbia Street UNH-CH, 27599-3175, Chapel Hill, NC, USA

    Mike Reiter

  5. Huawei America R&D, 2330 Central Expressway, 95050, Santa Clara, CA, USA

    Xinwen Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ekberg, JE., Afanasyeva, A., Asokan, N. (2012). Authenticated Encryption Primitives for Size-Constrained Trusted Computing. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds) Trust and Trustworthy Computing. Trust 2012. Lecture Notes in Computer Science, vol 7344. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30921-2_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-30921-2_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30920-5

  • Online ISBN: 978-3-642-30921-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics