Improving Cost, Performance, and Security of Memory Encryption and Authentication
Top Cited Papers
- 1 May 2006
- journal article
- Published by Association for Computing Machinery (ACM) in ACM SIGARCH Computer Architecture News
- Vol. 34 (2), 179-190
- https://doi.org/10.1145/1150019.1136502
Abstract
Protection from hardware attacks such as snoopers and mod chips has been receiving increasing attention in computer architecture. This paper presents a new combined memory encryption/authentication scheme. Our new split counters for counter-mode encryption simultaneously eliminate counter overflow problems and reduce per-block counter size, and we also dramatically improve authentication performance and security by using the Galois/Counter Mode of operation (GCM), which leverages counter-mode encryption to reduce authentication latency and overlap it with memory accesses. Our results indicate that the split-counter scheme has a negligible overhead even with a small (32KB) counter cache and using only eight counter bits per data block. The combined encryption/authentication scheme has an IPC overhead of 5% on average across SPEC CPU 2000 benchmarks, which is a significant improvement over the 20% overhead of existing encryption/authentication schemes.Keywords
This publication has 4 references indexed in Scilit:
- High Efficiency Counter Mode Security Architecture via Prediction and PrecomputationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- SENSS: Security Enhancement to Symmetric Shared Memory MultiprocessorsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- The trusted PC: skin-deep securityComputer, 2002
- Architectural support for copy and tamper resistant softwarePublished by Association for Computing Machinery (ACM) ,2000