Advertisement

Journal in Computer Virology

, Volume 4, Issue 2, pp 101–113 | Cite as

Improving virus protection with an efficient secure architecture with memory encryption, integrity and information leakage protection

  • Guillaume DucEmail author
  • Ronan Keryell
SSTIC 2007 Best Academic Papers
  • 170 Downloads

Abstract

Malicious software and other attacks are a major concern in the computing ecosystem and there is a need to go beyond the answers based on untrusted software. Trusted and secure computing can add a new hardware dimension to software protection. Several secure computing hardware architectures using memory encryption and memory integrity checkers have been proposed during the past few years to provide applications with a tamper resistant environment. Some solutions, such as HIDE, have also been proposed to solve the problem of information leakage on the address bus. We propose the CRYPTOPAGE architecture which implements memory encryption, memory integrity protection checking and information leakage protection together with a low performance penalty (3% slowdown on average) by combining the Counter Mode of operation, local authentication values and MERKLE trees. It has also several other security features such as attestation, secure storage for applications and program identification. We present some applications of the CRYPTOPAGE architecture in the computer virology field as a proof of concept of improving security in presence of viruses compared to software only solutions.

Keywords

Smart Card Information Leakage Replay Attack Memory Encryption Secure Architecture 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Austin T., Larson E., Ernst D. (2002). SIMPLESCALAR: An infrastructure for computer system modeling. Computer 35(2): 59–67 CrossRefGoogle Scholar
  2. 2.
    Best, R.M.: Microprocessor for executing enciphered programs. Technical Report US4168396, US Patent, Sept 1979Google Scholar
  3. 3.
    Best, R.M.: Preventing software piracy with crypto-microprocessors. In: IEEE Spring CompCon’80, pp. 466–469. IEEE Computer Society, February 1980Google Scholar
  4. 4.
    Best, R.M.: Crypto microprocessor for executing enciphered programs. Technical Report US4278837, US Patent, July 1981Google Scholar
  5. 5.
    Best, R.M.: Crypto microprocessor that executes enciphered programs. Technical Report US4465901, US Patent, August 1984Google Scholar
  6. 6.
    Dallas Semiconductor. DS5002FP Secure Microprocessor Chip, July 2006. http://datasheets.maxim-ic.com/en/ds/DS5002FP.pdf
  7. 7.
    Duc, G.: CRYPTOPAGE—an architecture to run secure processes. Diplôme d’Études Approfondies, École Nationale Supérieure des Télécommunications de Bretagne, DEA de l’Université de Rennes 1, June 2004. http://enstb.org/~gduc/dea/rapport/rapport.pdf
  8. 8.
    Duc, G.: Support matériel, logiciel et cryptographique pour une exécution sécurisée de processus. Ph.D. thesis, École Nationale Supérieure des Télécommunications de Bretagne (2007). http://enstb.org/~gduc/these/these.pdf
  9. 9.
    Duc, G., Keryell, R.: Portage d’un systéme GNU/LINUX sur l’architecture sécurisée CRYPTOPAGE/x86. Technical report, ENST Bretagne, December 2004. http://info.enstb.org/projets/cryptopage/documents/techreport_200412.pdf
  10. 10.
    Duc, G., Keryell, R.: The concept of secure processes for LINUX on the CRYPTOPAGE/x86 secure architecture. Technical report, ENST Bretagne, April 2005. http://info.enstb.org/projets/cryptopage/documents/techreport_200504.pdf
  11. 11.
    Duc, G., Keryell, R.: Portage de l’architecture sécurisée CRYPTOPAGE sur un microprocesseur x86. In: Symposium en Architecture nouvelles de machines (SympA’2005), pp. 61–72, April 2005Google Scholar
  12. 12.
    Duc, G., Keryell, R.: CRYPTOPAGE: an efficient secure architecture with memory encryption, integrity and information leakage protection. In: Proceedings of the 22th Annual Computer Security Applications Conference (ACSAC’06), pp. 483–492. IEEE Computer Society, December 2006Google Scholar
  13. 13.
    Duc, G., Keryell, R.: CRYPTOPAGE/HIDE: une architecture efficace combinant chiffrement, intégrité mémoire et protection contre les fuites d’informations. In: Symposium en Architecture de Machines (SympA’2006), October 2006Google Scholar
  14. 14.
    Duc G., Keryell R., Lauradoux C. (2005). CRYPTOPAGE: Support matériel pour cryptoprocessus. Techn. Sci. Inform. 24: 667–701 CrossRefGoogle Scholar
  15. 15.
    Folding@home distributed computing, May 2007. http://folding.stanford.edu/
  16. 16.
    Gassend, B., Suh, G.E., Clarke, D., van Dijk, M., Devadas, S.: Caches and hash trees for efficient memory integrity verification. In: Proceedings of the 9th International Symposium on High- Performance Computer Architecture (HPCA’03), pp. 295–306, February 2003Google Scholar
  17. 17.
    Grid’5000, May 2007. http://www.grid5000.fr
  18. 18.
    Henning J.L. (2000). SPEC CPU2000: measuring CPU performance in the new millennium. IEEE Comput. 33(7): 28–35 Google Scholar
  19. 19.
    Huang, A.: Keeping secrets in hardware: the Microsoft XBox (TM) case study. Technical Report AI Memo 2002–2008, Massachusetts Institute of Technology, May 2002Google Scholar
  20. 20.
    IBM PCI cryptographic coprocessor, May 2007. http://www.03.ibm.com/security/cryptocards/pcicc/overview.shtml
  21. 21.
    Keryell, R.: CRYPTOPAGE-1: vers la fin du piratage informatique? In: Symposium d’Architecture (SympA’6), pp. 35–44, Besanton, June 2000Google Scholar
  22. 22.
    Kocher, P.C.: Timing attacks on implementations of DIFFIE-HELLMAN, RSA, DSS, and other systems. In: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO’96), vol. 1109, pp. 104–113. Springer, Heidelberg, August 1996Google Scholar
  23. 23.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO’99), vol. 1666, pp. 388–397. Springer, Heidelberg, August 1999Google Scholar
  24. 24.
    Kuhn, M.: The TrustNo1 cryptoprocessor concept. Technical Report CS555, Purdue University, April 1997Google Scholar
  25. 25.
    Kuhn, M.G.: Cipher instruction search attack on the bus-encryption security microcontroller DS5002FP. In: IEEE Transaction on Computers, vol. 47, pp. 1153–1157. IEEE Computer Society, October 1998Google Scholar
  26. 26.
    Lauradoux, C., Keryell, R.: CRYPTOPAGE-2: un processeur sécurisé contre le rejeu. In: Symposium en Architecture et Adéquation Algorithme Architecture (SympAAA’2003), pp. 314–321, La Colle sur Loup, France, October 2003Google Scholar
  27. 27.
    Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software. In: Proceedings of the Ninth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS IX), pp. 168–177, October 2000Google Scholar
  28. 28.
    Lie, D., Trekkath, C.A., Horowitz, M.: Implementing an untrusted operating system on trusted hardware. In: Proceedings of the 9th ACM Symposium on Operating Systems Principles (SOSP’03), pp. 178–192, October 2003Google Scholar
  29. 29.
    Lie, D.J.: Architectural support for copy and tamper-resistant software. Ph.D. thesis, Stanford University (2004)Google Scholar
  30. 30.
    Microsoft Corporation. NGSCB: Trusted Computing Base and Software Authentication (2003). http://www.microsoft.com/resources/ngscb/documents/ngscb_tcb.doc
  31. 31.
    Microsoft Corporation. Security Model for the Next-Generation Secure Computing Base (2003). http://www.microsoft.com/resources/ngscb/documents/NGSCB_Security_Model.doc
  32. 32.
    NIST. Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197, November 2001Google Scholar
  33. 33.
    NIST. Recommendation for block cipher modes of operation. Special Publication 800-38A, December 2001Google Scholar
  34. 34.
    Smith, S.W.: Trusted Computing Platforms: Design and Applications. Springer, Heidelberg (2004)Google Scholar
  35. 35.
    Smith S.W., Weingart S. (1999). Building a high-performance, programmable secure coprocessor. Comput. Netw. 31(9): 831–860 CrossRefGoogle Scholar
  36. 36.
    Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: AEGIS: Architecture for tamper-evident and tamper-resistant processing. In: Proceedings of the 17th International Conference on Supercomputing (ICS’03), pp. 160–171, June 2003Google Scholar
  37. 37.
    Suh, G.E., O’Donnell, C.W., Sachdev, I., Devadas, S.: Design and implementation of the AEGIS single-chip secure processor using physical random functions. In: Proceedings of the 32nd Annual International Symposium on Computer Architecture (ISCA’05), pp. 25–36. IEEE Computer Society, June 2005Google Scholar
  38. 38.
    Trusted Computing Group, February 2007. http://www.trustedcomputinggroup.org
  39. 39.
    Zhuang, X., Zhang, T., Pande, S.: HIDE: an infrastructure for efficiently protecting information leakage on the address bus. In: Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-XI), pp. 72–84. ACM Press, October 2004Google Scholar

Copyright information

© Springer-Verlag France 2007

Authors and Affiliations

  1. 1.ENST BretagneBrest Cedex 3France

Personalised recommendations