Added Redundancy Explicit Authentication at the Block Level for Parallelized Encryption and Integrity Checking on Processor-Memory Buses - LIRMM - Laboratoire d’Informatique, de Robotique et de Microélectronique de Montpellier
Other Publications Year : 2007

Added Redundancy Explicit Authentication at the Block Level for Parallelized Encryption and Integrity Checking on Processor-Memory Buses

Abstract

The bus between the System on Chip (SoC) and the external memory is one of the weakest points of computing systems because an adversary can easily probe this bus in order to read private data, to retrieve software code (data confidentiality concern) or to inject data (data integrity concern). The conventional way to provide data confidentiality and integrity is to implement a dedicated hardware engine for each security service. Being secured, this approach prevents parallelizability of the underlying computations. In this paper, we introduce the concept of Added Redundancy Explicit Authentication (AREA) at the block level and we describe a Parallelized Encryption and Integrity Checking Engine (PE-ICE) based on this concept. PE-ICE has been designed to provide an effective solution to ensure both security services while allowing for full parallelization on processor read and write operations and optimizing the hardware resources. Compared to standard encryption which provides only confidentiality, we show that PE-ICE additionally guarantees code and data integrity for less than 4% of run-time performance overhead and at no additional hardware cost.
Fichier principal
Vignette du fichier
TR_Elbaz_Torres.pdf (749.56 Ko) Télécharger le fichier
Loading...

Dates and versions

lirmm-00171028 , version 1 (11-09-2007)

Identifiers

  • HAL Id : lirmm-00171028 , version 1

Cite

Reouven Elbaz, Lionel Torres, Gilles Sassatelli. Added Redundancy Explicit Authentication at the Block Level for Parallelized Encryption and Integrity Checking on Processor-Memory Buses. 2007. ⟨lirmm-00171028⟩
174 View
452 Download

Share

More