Optimal parameter selection for efficient memory integrity verification using Merkle hash trees

Author

Williams, Dan ; Sirer, Emin Gün

Author_Institution

Dept. of Comput. Sci., Cornell Univ., Ithaca, NY, USA

fYear

2004

Firstpage

383

Lastpage

388

Abstract

A secure, tamperproof execution environment is critical for trustworthy network computing. Newly emerging hardware, such as those developed as part of the TCPA and Palladium initiatives, enables operating systems to implement such an environment through Merkle hash trees. We examine the selection of optimal parameters, namely blocksize and tree depth, for Merkle hash trees based on the size of the memory region to be protected and the number of memory updates between updates of the hash tree. We analytically derive an expression for the cost of updating the hash tree, show that there is an optimal blocksize for the leaves of a Merkle tree for a given file size and update interval that minimizes the cost of update operations, and describe a general method by which the parameters of such a tree can be determined optimally.

Keywords

cryptography; data integrity; file organisation; network operating systems; tree data structures; Merkle hash trees; Palladium initiatives; TCPA initiatives; file size; memory integrity verification; memory size; memory updates; operating systems; optimal blocksize; optimal parameter selection; secure tamperproof execution environment; tree depth; trustworthy network computing; Computer networks; Cost function; Cryptography; Data structures; Hardware; Intelligent networks; Operating systems; Palladium; Peer to peer computing; Secure storage;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Computing and Applications, 2004. (NCA 2004). Proceedings. Third IEEE International Symposium on

Print_ISBN

0-7695-2242-4

Type

conf

DOI

10.1109/NCA.2004.1347805

Filename

1347805