DOI: 10.1145/1024393.1024403

HIDE: an infrastructure for efficiently protecting information leakage on the address bus

Published: 07 October 2004

Abstract

The XOM-based secure processor has recently been introduced as a mechanism to provide copy- and tamper-resistant execution. XOM provides support for encryption/decryption and integrity checking. However, neither XOM nor any other current approach adequately addresses the problem of information leakage via the address bus. This paper shows that without address bus protection, the XOM model is severely crippled. Two realistic attacks are shown, and experiments show that 70% of the code might be cracked and sensitive data might be exposed, leading to serious security breaches.

Although the problem of address bus leakage has been widely acknowledged both in industry and academia, no practical solution has ever been proposed that can provide an adequate security guarantee. The main reason is that the problem is very difficult to solve in practice due to the severe performance degradation that accompanies most of the solutions. This paper presents an infrastructure called HIDE (Hardware-support for leakage-Immune Dynamic Execution), which provides a solution consisting of chunk-level protection with hardware support and a flexible interface that can be orchestrated through the proposed compiler optimization and user specifications, allowing the underlying hardware solution to be used more efficiently to provide better security guarantees.

Our results show that protecting both data and code with a high level of security guarantee is possible with a negligible performance penalty (1.3% slowdown).


Published In

ASPLOS XI: Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
October 2004, 296 pages
ISBN: 1581138040
DOI: 10.1145/1024393

  • ACM SIGARCH Computer Architecture News, Volume 32, Issue 5 (ASPLOS 2004), December 2004, 283 pages. ISSN: 0163-5964. DOI: 10.1145/1037947
  • ACM SIGOPS Operating Systems Review, Volume 38, Issue 5 (ASPLOS '04), December 2004, 283 pages. ISSN: 0163-5980. DOI: 10.1145/1037949
  • ACM SIGPLAN Notices, Volume 39, Issue 11 (ASPLOS '04), November 2004, 283 pages. ISSN: 0362-1340. EISSN: 1558-1160. DOI: 10.1145/1037187
Publisher: Association for Computing Machinery, New York, NY, United States


Author Tags

  1. address bus leakage protection
  2. secure processor

Qualifiers: Article

Conference: ASPLOS04

Overall Acceptance Rate: 535 of 2,713 submissions, 20%


Cited By

  • (2023) Hitchhiker: Accelerating ORAM With Dynamic Scheduling. IEEE Transactions on Computers 72:8 (2321-2335). DOI: 10.1109/TC.2023.3248272. Online publication date: 1-Aug-2023
  • (2023) AB-ORAM: Constructing Adjustable Buckets for Space Reduction in Ring ORAM. 2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA) (361-373). DOI: 10.1109/HPCA56546.2023.10071064. Online publication date: Feb-2023
  • (2022) Exploiting data locality in memory for ORAM to reduce memory access overheads. Proceedings of the 59th ACM/IEEE Design Automation Conference (703-708). DOI: 10.1145/3489517.3530547. Online publication date: 10-Jul-2022
  • (2022) IR-ORAM: Path Access Type Based Memory Intensity Reduction for Path-ORAM. 2022 IEEE International Symposium on High-Performance Computer Architecture (HPCA) (360-372). DOI: 10.1109/HPCA53966.2022.00034. Online publication date: Apr-2022
  • (2021) Ghost Routing to Enable Oblivious Computation on Memory-centric Networks. 2021 ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA) (930-943). DOI: 10.1109/ISCA52012.2021.00077. Online publication date: Jun-2021
  • (2021) Streamline Ring ORAM Accesses through Spatial and Temporal Optimization. 2021 IEEE International Symposium on High-Performance Computer Architecture (HPCA) (14-25). DOI: 10.1109/HPCA51647.2021.00012. Online publication date: Feb-2021
  • (2020) Justifications of welfare guarantees under normalized utilities. ACM SIGecom Exchanges 17:2 (71-75). DOI: 10.1145/3381329.3381337. Online publication date: 28-Jan-2020
  • (2020) Tight revenue gaps among simple and optimal mechanisms. ACM SIGecom Exchanges 17:2 (54-61). DOI: 10.1145/3381329.3381335. Online publication date: 28-Jan-2020
  • (2020) SCPORAM: A Hardware Support Scheme for Protecting Memory Access Patterns. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (983-990). DOI: 10.1109/TrustCom50675.2020.00131. Online publication date: Dec-2020
  • (2020) A Lightweight Memory Access Pattern Obfuscation Framework for NVM. IEEE Computer Architecture Letters 19:2 (163-166). DOI: 10.1109/LCA.2020.3041484. Online publication date: 1-Jul-2020
