research-article

SMARTS: secure memory assurance of RISC-V trusted SoC

Authors:
Ming Ming Wong

Nanyang Technological University, (NTU) Singapore

Nanyang Technological University, (NTU) Singapore
View Profile

,
Jawad Haj-Yahya

Nanyang Technological University, (NTU) Singapore

Nanyang Technological University, (NTU) Singapore
View Profile

,
Anupam Chattopadhyay

Nanyang Technological University, (NTU) Singapore

Nanyang Technological University, (NTU) Singapore
View Profile

HASP '18: Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and PrivacyJune 2018Article No.: 6Pages 1–8https://doi.org/10.1145/3214292.3214298

Published:02 June 2018Publication History

HASP '18: Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy

Pages 1–8

ABSTRACT

Security is evolving fast as the prime design concern for modern System-on-Chip (SoC), especially for lightweight design choices. In this manuscript, we study the design of memory protection unit (MPU) that will be integrated in RISC-V trusted SoC, with the intention of achieving lightweight, yet robust countermeasure towards the known attack vectors. The proposed framework provides integrity, confidentiality and also allows the flexibility of partial encryption based on the application requirements. We extensively benchmarked with state-of-the-art works in secure memory design. Our design obtains least storage overhead among the ones reported so far.

References

2008. IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices. IEEE Std 1619-2007 (April 2008), c1--32.Google Scholar
2013. Intel Corporation. Software Guard Extensions Programming Reference. Reference no. 329298-001US (2013).Google Scholar
2014. Intel Corporation. Software Guard Extensions Programming Reference. Reference no. 329298-002US (2014).Google Scholar
Mihir Bellare and Chanathip Namprempre. 2000. Authenticated Ecryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In Advances in Cryptology --- ASIACRYPT 2000, Tatsuaki Okamoto (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 531--545. Google ScholarDigital Library
Alex Bradbury, Gavin Ferris, and Robert Mullins. 2014. Tagged memory and minion cores in the lowRISC SoC. Memo, University of Cambridge (2014).Google Scholar
D. Champagne and R. B. Lee. 2010. Scalable architectural support for trusted software. In HPCA - 16 2010 The Sixteenth International Symposium on High-Performance Computer Architecture. 1--12.Google Scholar
Siddhartha Chhabra, Brian Rogers, Yan Solihin, and Milos Prvulovic. 2011. SecureME: A Hardware-software Approach to Full System Security. In Proceedings of the International Conference on Supercomputing (ICS '11). ACM, New York, NY, USA, 108--119. Google ScholarDigital Library
Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. IACR Cryptology ePrint Archive 2016 (2016), 86. http://eprint.iacr.org/2016/086Google Scholar
Victor Costan, Ilia A. Lebedev, and Srinivas Devadas. 2016. Sanctum: Minimal Hardware Extensions for Strong Software Isolation. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10--12, 2016. 857--874. https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/costanGoogle Scholar
C. Dobraunig, M. Eichlseder, F. Mendel, and M. Schlaffer. 2016. Ascon v1.2. In Submission to the CAESAR Competition.Google Scholar
Morris J. Dworkin. 2004. SP800-38C. Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality. Technical Report. Gaithersburg, MD, United States. Google ScholarDigital Library
Morris J. Dworkin. 2007. SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois / Counter Mode (GCM) and GMAC. Technical Report. Gaithersburg, MD, United States. Google ScholarDigital Library
Reouven Elbaz, David Champagne, Catherine Gebotys, Ruby B. Lee, Nachiketh Potlapally, and Lionel Torres. 2009. Hardware Mechanisms for Memory Authentication: A Survey of Existing Techniques and Engines. Springer Berlin Heidelberg, Berlin, Heidelberg, 1--22. Google ScholarDigital Library
Reouven Elbaz, David Champagne, Ruby B. Lee, Lionel Torres, Gilles Sassatelli, and Pierre Guillemin. 2007. TEC-Tree: A Low-Cost, Parallelizable Tree for Efficient Defense Against Memory Replay Attacks. In Cryptographic Hardware and Embedded Systems - CHES 2007, Pascal Paillier and Ingrid Verbauwhede (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 289--302. Google ScholarDigital Library
Christopher W. Fletcher, Marten van Dijk, and Srinivas Devadas. 2012. A Secure Processor Architecture for Encrypted Computation on Untrusted Programs. In Proceedings of the Seventh ACM Workshop on Scalable Trusted Computing (STC '12). ACM, New York, NY, USA, 3--8. Google ScholarDigital Library
Clemens Fruhwirth. 2005. New methods in hard disk encryption. http://clemens.endorphin.org/nmihde/nmihde-A4-ds.pdf.Google Scholar
Shay Gueron. 2016. A Memory Encryption Engine Suitable for General Purpose Processors. IACR Cryptology ePrint Archive 2016 (2016), 204.Google Scholar
W. Eric Hall and Charanjit S. Jutla. 2006. Parallelizable Authentication Trees. In Selected Areas in Cryptography, Bart Preneel and Stafford Tavares (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 95--109. Google ScholarDigital Library
Michael Henson and Stephen Taylor. 2014. Memory Encryption: A Survey of Existing Techniques. ACM Comput. Surv. 46, 4, Article 53 (March 2014), 26 pages. Google ScholarDigital Library
Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2018. Spectre Attacks: Exploiting Speculative Execution. arXiv preprint arXiv:1801.01203 (2018).Google Scholar
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown. arXiv preprint arXiv:1801.01207 (2018).Google Scholar
David A. McGrew and John Viega. 2004. The Security and Performance of the Galois / Counter Mode (GCM) of Operation. In Proceedings of the 5th International Conference on Cryptology in India (INDOCRYPT'04). Springer-Verlag, Berlin, Heidelberg, 343--355. Google ScholarDigital Library
R. C. Merkle. 1980. Protocols for Public Key Cryptosystems. In 1980 IEEE Symposium on Security and Privacy. 122--122.Google Scholar
Phillip Rogaway. 2004. Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC. In Advances in Cryptology - ASIACRYPT 2004, Pil Joong Lee (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 16--31.Google Scholar
B. Rogers, S. Chhabra, M. Prvulovic, and Y. Solihin. 2007. Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS-and Performance-Friendly. In 40th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO 2007). 183--196. Google ScholarDigital Library
Mark Seaborn and Thomas Dullien. 2015. Exploiting the DRAM Rowhammer bug to gain kernel privileges. Black Hat (2015), 7--9.Google Scholar
G. E. Suh, D. Clarke, B. Gasend, M. van Dijk, and S. Devadas. 2003. Efficient memory integrity verification and encryption for secure processors. In Proceedings. 36th Annual IEEE/ACM International Symposium on Microarchitecture, 2003. MICRO-36. 339--350. Google ScholarDigital Library
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, and Srinivas Devadas. 2003. AEGIS: Architecture for Tamper-evident and Tamper-resistant Processing. In Proceedings of the 17th Annual International Conference on Supercomputing (ICS '03). ACM, New York, NY, USA, 160--171. Google ScholarDigital Library
David Lie Chandramohan Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, and Mark Horowitz. 2000. Architectural Support for Copy and Tamper Resistant Software. SIGARCH Comput. Archit. News 28, 5 (Nov. 2000), 168--177. Google ScholarDigital Library
Thomas Unterluggauer, Mario Werner, and Stefan Mangard. 2018. MEAS: memory encryption and authentication secure against side-channel attacks. Journal of Cryptographic Engineering (25 Jan 2018).Google ScholarCross Ref
Andrew Waterman, Yunsup Lee, Rimas Avizienis, David A. Patterson, and Krste Asanovic. 2016. The RISC-V Instruction Set Manual Volume II: Privileged Architecture Version 1.9. Technical Report UCB/EECS-2016-129. EECS Department, University of California, Berkeley. http://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-129.htmlGoogle Scholar
Andrew Waterman, Yunsup Lee, David A. Patterson, and Krste Asanovic. 2014. The RISC-V Instruction Set Manual, Volume I: User-Level ISA, Version 2.0. Technical ReportUCB/EECS-2014-54. EECS Department, University of California, Berkeley. http://www2.eecs.berkeley.edu/Pubs/TechRpts/2014/EECS-2014-54.htmlGoogle ScholarCross Ref
Chenyu Yan, Daniel Englender, Milos Prvulovic, Brian Rogers, and Yan Solihin. 2006. Improving Cost, Performance, and Security of Memory Encryption and Authentication. In Proceedings of the 33rd Annual International Symposium on Computer Architecture (ISCA '06). IEEE Computer Society, Washington, DC, USA, 179--190. Google ScholarDigital Library

Index Terms

SMARTS: secure memory assurance of RISC-V trusted SoC
1. Computer systems organization
  1. Architectures
    1. Serial architectures
      1. Reduced instruction set computing
2. Security and privacy
  1. Security in hardware
    1. Hardware security implementation

Recommendations

Designing a secure DRAM+NVM hybrid memory module
CF '19: Proceedings of the 16th ACM International Conference on Computing Frontiers

Non-Volatile Memory (NVM) such as PCM has emerged as a potential alternative for main memory due to its high density and low leakage power. However, an NVM main-memory system faces three challenges when compared to Dynamic Random Access Memory (DRAM) - ...
Read More
A New Interpretation for the GHASH Authenticator of AES-GCM
Cyber Security, Cryptology, and Machine Learning
Abstract
AES-GCM authenticated encryption scheme has a significant role in modern secure communications. It combines AES CTR encryption with authentication that is based on a polynomial evaluation hash function (GHASH) computed in $F_{2^{128}} [x] / P_{GCM} (x)$ , where $P_{...}^{}^{}^{}$ $_{^{}}$ $_{^{}}_{}$ $_{}$ $_{^{}} (^{}^{}^{}^{})$
Read More
Authentication Key Recovery on Galois/Counter Mode GCM
Proceedings of the 8th International Conference on Progress in Cryptology --- AFRICACRYPT 2016 - Volume 9646

GCM is used in a vast amount of security protocols and is quickly becoming the de facto mode of operation for block ciphers due to its exceptional performance. In this paper we analyze the NIST standardized version SP 800-38D of GCM, and in particular ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
HASP '18: Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy
June 2018
84 pages
ISBN:9781450365000
DOI:10.1145/3214292
Conference Chairs:
Jakub Szefer
Yale University
,
Weidong Shi
University of Houston
,
Ruby B. Lee
Princeton University
Copyright © 2018 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 2 June 2018
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
AES-GCM
RISC-V SoC
bonsai merkle tree (BMT)
memory protection unit (MPU)
partial memory encryption (PME)
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate9of13submissions,69%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 7
  Total Citations
  View Citations
- 547
  Total Downloads
- Downloads (Last 12 months)48
- Downloads (Last 6 weeks)6
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

SMARTS: secure memory assurance of RISC-V trusted SoC

HASP '18: Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy

ABSTRACT

References

Cited By

Index Terms

Recommendations

Designing a secure DRAM+NVM hybrid memory module

A New Interpretation for the GHASH Authenticator of AES-GCM

Authentication Key Recovery on Galois/Counter Mode GCM