Title:
Architecture Support for High Speed Protection of Memory Integrity and Confidentiality in Symmetric Multiprocessor Systems

Thumbnail Image
Files
git-cercs-04-22.pdf (274.51 KB)
Authors
Shi, Weidong
 Lee, Hsien-Hsin Sean
 Ghosh, Mrinmoy
 Lu, Chenghuai
 Zhang, Tao
Authors
Advisors
Advisors
Associated Organizations
Organizational Unit
Series
Collections
Research Publications
Supplementary to
Permanent Link
http://hdl.handle.net/1853/107
Abstract
Recently there is a growing interest in both the architecture and the security community to create a hardware based solution for authenticating system memory. As shown in the previous work, such silicon based memory authentication could become a vital component for creating future trusted computing environments and digital rights protection. Almost all the published work have focused on authenticating memory that is exclusively owned by one processing unit. However, in today's computing platforms, memory is often shared by multiple processing units which support shared system memory and snoop bus based memory coherence. Authenticating shared memory is a new challenge to memory protection. In this paper, we present a secure and fast architecture solution for authenticating shared memory. In terms of incorporating memory authentication into the processor pipeline, we proposed a new scheme called Authentication Speculative Execution. Unlike the previous approach for hiding or tolerating latency of memory authentication, our scheme does not trades security for performance. The novel ASE scheme is both secure to be combined with one-time-pad (OTP) based memory encryption and efficient to tolerate authentication latency. Results using modified rsim and splash2 benchmarks show only 5% overhead in performance on dual and quad processor platforms. Furthermore, ASE shows 80% performance advantage on average over conservative non-speculative execution based authentication. The scheme is of practical use for both symmetric multiprocessor systems and uni-processor systems where memory is shared by the main processor and other co-processors attached to the system bus.
Sponsor
Date Issued
2004-06-01
Extent
281102 bytes
Resource Type
Text
Resource Subtype
Technical Report
Rights Statement
Rights URI