Operating system controlled processor-memory bus encryption

Xi Chen*, Robert P. Dick, Alok Choudhary

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

21 Scopus citations

Abstract

Unencrypted data appearing on the processor- memory bus can result in security violations, e.g., allowing attackers to gather keys to financial accounts and personal data. Although on-chip bus encryption hardware can solve this problem, it requires hardware redesign or increases processor cost. Application redesign to prevent sensitive data from appearing on the processor - memory bus is extremely difficult. We propose and evaluate a processor - memory bus encryption technique for embedded systems that requires no changes to applications or hardware. This technique exploits cache locking or scratchpad memory, features present in many embedded processors, permitting the operating system (OS) virtual memory infrastructure to automatically encrypt data belonging to protected processes as they are written to off-chip memory. Pages belonging to unprotected processes are stored unencrypted to prevent performance and energy consumption penalties. We evaluate the proposed bus encryption technique using full system simulation. Experimental results indicate that it is possible to prevent the working data sets of processes from appearing on the processor - memory bus in plaintext, without using dedicated hardware and without changing applications. The OS based technique results in 1.37× slowdown for protected processes for processors with 512KB of L2 cache and 1.78× slowdown for processors with 256KB of L2 cache. There are negligible performance penalties for unprotected processes.

Original languageEnglish (US)
Title of host publicationDesign, Automation and Test in Europe, DATE 2008
Pages1154-1159
Number of pages6
DOIs
StatePublished - 2008
EventDesign, Automation and Test in Europe, DATE 2008 - Munich, Germany
Duration: Mar 10 2008Mar 14 2008

Publication series

NameProceedings -Design, Automation and Test in Europe, DATE
ISSN (Print)1530-1591

Other

OtherDesign, Automation and Test in Europe, DATE 2008
Country/TerritoryGermany
CityMunich
Period3/10/083/14/08

ASJC Scopus subject areas

  • General Engineering

Fingerprint

Dive into the research topics of 'Operating system controlled processor-memory bus encryption'. Together they form a unique fingerprint.

Cite this