Efficiently Protect Memory through an Independent Counter Channel

The challenge of building secure memory is to realize highly efficient memory encryption and authentication without compromising security. For such purpose, each off-chip memory chunk, as well as its integrity code, is encrypted through OTP cipher. The encryption pads used by OTP cipher are deduced from unique counters, and the storage of counters is verified by hash tree. As counters cannot be tampered, memory chunks can then be properly decrypted and authenticated. To achieve satisfied performance, the essential architecture support is to deploy an independent channel connecting to the storage space of counters. It can remove hash tree verification latency and quicken the process of OTP pad generation, as it makes parallel counters fetching/checking with memory accessing. Further performance optimizations profit from two special buffers. One buffer stores those frequently used counter to feed pad generation engine quickly, and another enables asynchronous verification of hash tree to smooth checking requirement. Related approach and system realization are elaborated, as well as testing results. Theoretical analysis and experimental simulation show that it is a practical and available way to protect confidentiality and integrity of memory.