Title :
Improving Cost, Performance, and Security of Memory Encryption and Authentication
Author :
Yan, Chenyu ; Rogers, Brian ; Englender, Daniel ; Solihin, Yan ; Prvulovic, Milos
Author_Institution :
Coll. of Comput., Georgia Inst. of Technol.
Abstract :
Protection from hardware attacks such as snoopers and mod chips has been receiving increasing attention in computer architecture. This paper presents a new combined memory encryption/authentication scheme. Our new split counters for counter-mode encryption simultaneously eliminate counter overflow problems and reduce per-block counter size, and we also dramatically improve authentication performance and security by using the Galois/counter mode of operation (GCM), which leverages counter-mode encryption to reduce authentication latency and overlap it with memory accesses. Our results indicate that the split-counter scheme has a negligible overhead even with a small (32KB) counter cache and using only eight counter bits per data block. The combined encryption/authentication scheme has an IPC overhead of 5% on average across SPEC CPU 2000 benchmarks, which is a significant improvement over the 20% overhead of existing encryption/authentication schemes
Keywords :
Galois fields; cache storage; cryptography; memory architecture; message authentication; Galois counter mode of operation; IPC overhead; SPEC CPU 2000 benchmarks; authentication latency; computer architecture; counter-mode encryption; memory accesses; memory encryption; mod chips; snoopers; split counters; Authentication; Computer architecture; Costs; Counting circuits; Cryptography; Data security; Delay; Hardware; Information security; Protection;
Conference_Titel :
Computer Architecture, 2006. ISCA '06. 33rd International Symposium on
Conference_Location :
Boston, MA
Print_ISBN :
0-7695-2608-X
DOI :
10.1109/ISCA.2006.22
