article

Towards the issues in architectural support for protection of software execution

Authors:

Hsien-Hsin S. Lee,

Chenghuai Lu, and

Mrinmoy GhoshAuthors Info & Claims

ACM SIGARCH Computer Architecture News, Volume 33, Issue 1

Pages 6 - 15

https://doi.org/10.1145/1055626.1055629

Published: 01 March 2005 Publication History

Abstract

Recently, there is a growing interest in the research community to employ tamper-resistant processors for software protection. Many of these proposed systems rely on a specially tailored secure processor to prevent 1) illegal software duplication, 2) unauthorized software modification, and 3) unauthorized software reverse engineering. Most of these works primarily focus on the feasibility demonstration and design details rather than trying to elucidate many fundamental issues that are either "elusive" or "confusing" to the architecture researchers. Furthermore, many proposed systems have been built on assumptions whose security implications have not been well studied or understood. Instead of proposing yet another new secure architecture model, in this paper, we will try to answer some of these fundamental questions with respect to using hardware-based cryptography for protecting software execution. Those issues include, 1) Is hardware cryptography necessary? 2) Is per-process single cryptography key enough to provide the flexibility, inter-operability, and compatibility required by today's complex software system? 3) Is OTP (one-time-pad) in combination with "lazy" authentication secure enough to protect software confidentiality? 4) Is there way to protect software integrity using less hardware resource? Finally, the paper defines the difference between off-line and on-line attacks and presents a very low overhead security enhancement technique that can improve protection on software integrity over on-line attacks by several magnitudes.

References

[1]

M-TREE: A Fast Secure Architecture for Protecting the Integrity and Privacy of Software. Submitted for publicationhttp://www.cc.gatech.edu/people/home/lulu/Mtree.pdf, 2004.]]

[2]

The Trusted Computing Platform Alliance. https://www.trustedcomputinggroup.org/home. 2003.]]

[3]

W. A. Arbaugh, D. J. Farber, and J. M. Smith. A secure and reliable bootstrap architecture. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, page 65. IEEE Computer Society, 1997.]]

Digital Library

[4]

Compaq Computer. Alpha 21264 Microprocessor Hardware Reference Manual.]]

[5]

Federal Information Processing Standard Draft. Advanced Encryption Standard (AES). National Institute of Standards and Technology, 2001.]]

[6]

A. Huang. Keeping secrets in hardware the microsoft xbox case study. MIT AI Memo, 2002.]]

[7]

D. Lie, C. Thekkath, M. Mitchell, P. Lincoln, D. Boneh J. Mitchell, and M. Horowitz. Architectual support for copy and tamper resistant software. In Proceedings of the 9th Symposium on Architectural Support for Programming Languages and Operating Systems, 2000.]]

Digital Library

[8]

David Lie, Chandramohan A. Thekkath, and Mark Horowitz. Implementing an untrusted operating system on trusted hardware. In Proceedings of the 19th ACM Symposium on Operating Systems Principles, pages 178--192. ACM Press, October, 2003.]]

Digital Library

[9]

Matt Pritchard. How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It. http://www.gamasutra.com/features/20000724/pritchard01.htm.]]

[10]

Weidong Shi, Hsien-Hsin S. Lee, Chenghuai Lu, and Mrinmoy Ghosh. High Speed Memory Centric Protection on Software Execution Using One-Time-Pad Prediction. Report GIT-CERCS-04-27, Geogia Institute of Technology, Atlanta, GA, July 2004.]]

[11]

E. Suh, B. Gassend, D. Clarke, M. Van Dijk, and S. Devadas. Caches and merkle trees for efficient memory authentication. In Proceedings of the Ninth Annual Symposium on High Performance Computer Architecture, February 2003.]]

Digital Library

[12]

E. G. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas. Efficient Memory Integrity Verification and Encryption for Secure Processors. In Proceedings of the 36th Annual International Symposium on Microarchitecture, December, 2003.]]

Digital Library

[13]

E. G. Suh, D. Clarke, M. van Dijk, B. Gassend, and S. Devadas. AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing. In Proceedings of The Int'l Conference on Supercomputing, 2003.]]

Digital Library

[14]

T. Sander and C. Tschudin. Protecting mobile agents against malicious hosts. Mobile Agents and Security. LNCS, Feb, 1998.]]

Digital Library

[15]

Jun Yang, Youtao Zhang, and Lan Gao. Fast Secure Processor for Inhibiting Software Piracty and Tampering. In 36th Annual IEEE/ACM International Symposium on Microarchitecture, December, 2003.]]

Digital Library

[16]

Xiangyu Zhang and Rajiv Gupta. Hiding program slices for software security. In Proceedings of the 2003 Internal Conference on Code Generation and Optimization, pages 325--336, 2003.]]

Digital Library

Cited By

Na SKim JLee SHuh J(2024)Supporting Secure Multi-GPU Computing with Dynamic and Batched Metadata Management2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA57654.2024.00025(204-217)Online publication date: 2-Mar-2024
https://doi.org/10.1109/HPCA57654.2024.00025
Feng EDu DXia YChen H(2023)Efficient Distributed Secure Memory with Migratable Merkle Tree2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10071130(347-360)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10071130
Szefer J(2018)Principles of Secure Processor Architecture DesignSynthesis Lectures on Computer Architecture10.2200/S00864ED1V01Y201807CAC04513:3(1-173)Online publication date: 18-Oct-2018
https://doi.org/10.2200/S00864ED1V01Y201807CAC045
Show More Cited By

Index Terms

Towards the issues in architectural support for protection of software execution
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Attacks and risk analysis for hardware supported software copy protection systems
DRM '04: Proceedings of the 4th ACM workshop on Digital rights management

<i>Recently, there is a growing interest in the research community to use tamper-resistant processors for software copy protection. Many of these tamper-resistant systems rely on a specially tailored secure processor to prevent, 1) illegal software ...
Read More
Cryptoanalysis of Two Signcryption Schemes
IAS '09: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 02

Certificateless PKC and self-certified PKC are two new public key systems. Theyremove the necessity of certificate to ensure the authentication of the user's public key in CB-PKC and also overcome the inherent key escrow problem in IB-PKC. Recently, ...
Read More
On the Security of PAS (Predicate-Based Authentication Service)
ACSAC '09: Proceedings of the 2009 Annual Computer Security Applications Conference

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can ...
Read More

Comments

Information & Contributors

Information

Published In

cover image ACM SIGARCH Computer Architecture News

ACM SIGARCH Computer Architecture News Volume 33, Issue 1

Special issue: Workshop on architectural support for security and anti-virus (WASSA)

March 2005

159 pages

ISSN:0163-5964

DOI:10.1145/1055626

Issue’s Table of Contents

Copyright © 2005 Authors.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 March 2005

Published in SIGARCH Volume 33, Issue 1

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

19
Total Citations
View Citations
841
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Other Metrics

View Author Metrics

Citations

Cited By

Na SKim JLee SHuh J(2024)Supporting Secure Multi-GPU Computing with Dynamic and Batched Metadata Management2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA57654.2024.00025(204-217)Online publication date: 2-Mar-2024
https://doi.org/10.1109/HPCA57654.2024.00025
Feng EDu DXia YChen H(2023)Efficient Distributed Secure Memory with Migratable Merkle Tree2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10071130(347-360)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10071130
Szefer J(2018)Principles of Secure Processor Architecture DesignSynthesis Lectures on Computer Architecture10.2200/S00864ED1V01Y201807CAC04513:3(1-173)Online publication date: 18-Oct-2018
https://doi.org/10.2200/S00864ED1V01Y201807CAC045
Lee JKim THuh J(2016)Reducing the Memory Bandwidth Overheads of Hardware Security Support for Multi-Core ProcessorsIEEE Transactions on Computers10.1109/TC.2016.253821865:11(3384-3397)Online publication date: 1-Nov-2016
https://dl.acm.org/doi/10.1109/TC.2016.2538218
YOON SLEE SPARK JKIM J(2015)Instruction-level Real-time Secure Processor Using an Error Correction CodeAdvances in Electrical and Computer Engineering10.4316/AECE.2015.0300215:3(13-16)Online publication date: 2015
https://doi.org/10.4316/AECE.2015.03002
Tripathi SYadav RRanvijay Jana R(2013)Resource Management in Real Time Distributed System with Security ConstraintsDevelopment of Distributed Systems from Design to Application and Maintenance10.4018/978-1-4666-2647-8.ch014(230-251)Online publication date: 2013
https://doi.org/10.4018/978-1-4666-2647-8.ch014
Tripathi SYadav RRanvijay Jana R(2011)Resource Management in Real Time Distributed System with Security ConstraintsInternational Journal of Distributed Systems and Technologies10.4018/jdst.20110401032:2(38-58)Online publication date: 1-Apr-2011
https://dl.acm.org/doi/10.4018/jdst.2011040103
Hong DBathen LLim SDutt N(2011)DynaPoMPProceedings of the Workshop on Embedded Systems Security10.1145/2072274.2072279(1-10)Online publication date: 9-Oct-2011
https://dl.acm.org/doi/10.1145/2072274.2072279
Yang JGao LZhang YChrobak MLee H(2010)A low-cost memory remapping scheme for address bus protectionJournal of Parallel and Distributed Computing10.1016/j.jpdc.2009.11.00870:5(443-457)Online publication date: 1-May-2010
https://dl.acm.org/doi/10.1016/j.jpdc.2009.11.008
Chhabra SSolihin Y(2010)Green Secure Processors: Towards Power-Efficient Secure Processor DesignTransactions on Computational Science X10.1007/978-3-642-17499-5_13(329-351)Online publication date: 2010
https://doi.org/10.1007/978-3-642-17499-5_13
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents