
An Analysis of Secure Processor Architectures

Chapter in: Transactions on Computational Science VII. Part of the book series Lecture Notes in Computer Science (TCOMPUTATSCIE, volume 5890).

Abstract

Security continues to be an increasingly important concern in the design of modern systems. Many systems have security requirements such as protecting the integrity and confidentiality of data and code stored in the system, ensuring the integrity of computations, or preventing the execution of unauthorized code. Making security guarantees has become even harder with the emergence of hardware attacks, where the attacker has physical access to the system and can bypass any software security mechanism employed. To this end, researchers have proposed Secure Processor architectures that use platform features to protect against hardware attacks. In this paper, we analyze three of the currently proposed secure uniprocessor designs in terms of their security, the hardware complexity they require, and their performance overheads: eXecute Only Memory (XOM), Counter mode encryption with Merkle tree based authentication, and Address Independent Seed Encryption with Bonsai Merkle Tree based authentication. We then discuss the issues in securing multiprocessor systems and survey one design each for Shared Memory Multiprocessors and Distributed Shared Memory Multiprocessors. Finally, we discuss two directions in Secure Processor research that have largely been ignored and that form the weakest link in the security afforded by the proposed schemes, namely secure booting and secure configuration. We identify potential issues that can serve as the foundation of further research in secure processors.
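The abstract names counter mode encryption combined with Merkle tree based authentication as one of the analyzed designs. The following is an added, simplified software model of that scheme; it is not code from the chapter or its authors. It assumes a memory of 16-byte blocks, a per-block write counter stored off chip, a hash tree over (address, counter, ciphertext) leaves, and only the key and the tree root held on chip; HMAC-SHA256 stands in for the AES-based pad generator of a real design, and all block contents and the key are constructed sample values. The `demo()` function checks that the model catches the three classic hardware tamper classes on off-chip memory (spoofing a block, splicing two blocks, and replaying a stale block together with its counter and tree path).

```python
"""Toy model of secure-processor memory protection: counter-mode encryption of
off-chip memory blocks plus a Merkle (hash) tree whose root lives on chip.
Constructed example; HMAC-SHA256 stands in for the AES-based pad generator."""
import hashlib
import hmac

BLOCK = 16                            # bytes per memory block (one 128-bit line)
DEMO_KEY = b"constructed-demo-key"    # constructed; a real chip fuses the key in hardware


class IntegrityError(Exception):
    """Raised when the recomputed Merkle root disagrees with the on-chip root."""


def _pad(key: bytes, addr: int, ctr: int) -> bytes:
    # Counter-mode pad = PRF(key, address || counter). The address ties the pad
    # to its block; the counter gives every write of that block a fresh pad.
    msg = addr.to_bytes(8, "big") + ctr.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:BLOCK]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class SecureMemory:
    """ct, ctr and nodes model attacker-accessible off-chip state;
    only key and root model trusted on-chip state."""

    def __init__(self, nblocks: int, key: bytes = DEMO_KEY):
        assert nblocks >= 2 and nblocks & (nblocks - 1) == 0, "power of two"
        self.n, self.key = nblocks, key
        self.ct = [bytes(BLOCK)] * nblocks       # untrusted ciphertext blocks
        self.ctr = [0] * nblocks                 # untrusted per-block counters
        self.nodes = [b""] * (2 * nblocks)       # heap layout; leaves at n..2n-1
        for i in range(nblocks):
            self.nodes[nblocks + i] = self._leaf(i)
        for i in range(nblocks - 1, 0, -1):
            self.nodes[i] = self._inner(self.nodes[2 * i], self.nodes[2 * i + 1])
        self.root = self.nodes[1]                # trusted on-chip root

    def _leaf(self, addr: int) -> bytes:
        # Binding address, counter and ciphertext means that moving a block
        # (splicing) or rolling back its counter (replay) changes the leaf.
        data = (b"L" + addr.to_bytes(8, "big")
                + self.ctr[addr].to_bytes(8, "big") + self.ct[addr])
        return hashlib.sha256(data).digest()

    @staticmethod
    def _inner(left: bytes, right: bytes) -> bytes:
        return hashlib.sha256(b"N" + left + right).digest()

    def _verify(self, addr: int) -> None:
        # Recompute the leaf from off-chip data and hash up the path with the
        # stored (untrusted) siblings; only the final compare uses trusted state.
        h, i = self._leaf(addr), self.n + addr
        while i > 1:
            sib = self.nodes[i ^ 1]
            h = self._inner(h, sib) if i % 2 == 0 else self._inner(sib, h)
            i //= 2
        if not hmac.compare_digest(h, self.root):
            raise IntegrityError(f"block {addr} failed Merkle verification")

    def read(self, addr: int) -> bytes:
        self._verify(addr)
        return _xor(self.ct[addr], _pad(self.key, addr, self.ctr[addr]))

    def write(self, addr: int, plaintext: bytes) -> None:
        assert len(plaintext) == BLOCK
        self._verify(addr)                       # never build on tampered state
        self.ctr[addr] += 1                      # fresh pad for every write
        self.ct[addr] = _xor(plaintext, _pad(self.key, addr, self.ctr[addr]))
        i = self.n + addr
        self.nodes[i] = self._leaf(addr)
        while i > 1:                             # refresh the path up to the root
            i //= 2
            self.nodes[i] = self._inner(self.nodes[2 * i], self.nodes[2 * i + 1])
        self.root = self.nodes[1]


def _detected(fn) -> bool:
    try:
        fn()
    except IntegrityError:
        return True
    return False


def demo() -> dict:
    """Return which tamper classes the model detects (True = caught)."""
    secret = b"account balance!"                 # constructed 16-byte plaintext
    m = SecureMemory(8); m.write(3, secret)
    results = {"roundtrip": m.read(3) == secret}
    # Spoofing: flip one ciphertext bit in place.
    m = SecureMemory(8); m.write(3, secret)
    m.ct[3] = bytes([m.ct[3][0] ^ 1]) + m.ct[3][1:]
    results["spoofing"] = _detected(lambda: m.read(3))
    # Splicing: swap two blocks' ciphertext and counters.
    m = SecureMemory(8); m.write(3, secret); m.write(5, b"other block data")
    m.ct[3], m.ct[5] = m.ct[5], m.ct[3]
    m.ctr[3], m.ctr[5] = m.ctr[5], m.ctr[3]
    results["splicing"] = _detected(lambda: m.read(3))
    # Replay: record a block, let it be legitimately overwritten, restore it
    # together with its counter and the whole off-chip tree.
    m = SecureMemory(8); m.write(3, secret)
    old = (m.ct[3], m.ctr[3], list(m.nodes))
    m.write(3, b"updated balance!")
    m.ct[3], m.ctr[3], m.nodes = old
    results["replay"] = _detected(lambda: m.read(3))
    return results


if __name__ == "__main__":
    print(demo())
```

The replay case is the one a MAC-per-block scheme without a tree cannot catch: the restored block, counter and path are all self-consistent, and only the on-chip root, which the attacker cannot roll back, exposes the rollback. Bonsai Merkle Trees, the third design in the abstract, reduce the cost of this check by hashing only the counters into the tree and protecting the data blocks with per-block MACs.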



Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Chhabra, S., Solihin, Y., Lal, R., Hoekstra, M. (2010). An Analysis of Secure Processor Architectures. In: Gavrilova, M.L., Tan, C.J.K. (eds) Transactions on Computational Science VII. Lecture Notes in Computer Science, vol 5890. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11389-5_6


  • DOI: https://doi.org/10.1007/978-3-642-11389-5_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-11388-8

  • Online ISBN: 978-3-642-11389-5

  • eBook Packages: Computer Science (R0)
