Affiliation:
1. Georgia Institute of Technology
2. North Carolina State University
Abstract
Protection from hardware attacks such as snoopers and mod chips has been receiving increasing attention in computer architecture. This paper presents a new combined memory encryption/authentication scheme. Our new split counters for counter-mode encryption simultaneously eliminate counter overflow problems and reduce per-block counter size, and we also dramatically improve authentication performance and security by using the Galois/Counter Mode of operation (GCM), which leverages counter-mode encryption to reduce authentication latency and overlap it with memory accesses. Our results indicate that the split-counter scheme has a negligible overhead even with a small (32KB) counter cache and using only eight counter bits per data block. The combined encryption/authentication scheme has an IPC overhead of 5% on average across SPEC CPU 2000 benchmarks, which is a significant improvement over the 20% overhead of existing encryption/authentication schemes.
Publisher
Association for Computing Machinery (ACM)
Cited by
134 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Counter-light Memory Encryption;2024 ACM/IEEE 51st Annual International Symposium on Computer Architecture (ISCA);2024-06-29
2. MetaLeak: Uncovering Side Channels in Secure Processor Architectures Exploiting Metadata;2024 ACM/IEEE 51st Annual International Symposium on Computer Architecture (ISCA);2024-06-29
3. Analyzing the Vulnerabilities of External SDRAM on System-on-Chip Field Programmable Gate Array Devices;IEEE Transactions on Very Large Scale Integration (VLSI) Systems;2024-06
4. A Midsummer Night’s Tree: Efficient and High Performance Secure SCM;Proceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 3;2024-04-27
5. EMAClave: An Efficient Memory Authentication for RISCV Enclaves;2024 Design, Automation & Test in Europe Conference & Exhibition (DATE);2024-03-25