ABSTRACT
Security is fast becoming the prime design concern for modern System-on-Chip (SoC) designs, especially for lightweight design choices. In this manuscript, we study the design of a memory protection unit (MPU) to be integrated into a RISC-V trusted SoC, with the intention of achieving lightweight yet robust countermeasures against the known attack vectors. The proposed framework provides integrity and confidentiality, and also allows the flexibility of partial encryption based on the application requirements. We benchmark extensively against state-of-the-art works in secure memory design. Our design obtains the least storage overhead among those reported so far.
Index Terms
- SMARTS: secure memory assurance of RISC-V trusted SoC