TEC-Tree: A Low Cost, Parallelizable Tree for Efficient Defense against Memory Replay Attacks

Source:

Proc. Workshop on Cryptographic Hardware and Embedded Systems (CHES 2007), Vienna, Austria, p.289-302 (2007)

Abstract:

Replay attacks are often the most costly attacks to thwart when dealing with off-chip memory integrity. With a trusted System-on-Chip, the existing countermeasures against replay require a large amount of on-chip memory to provide tamper-proof storage for metadata such as hash values or nonces. Tree-based strategies can be deployed to reduce this unacceptable overhead; for example, the well-known Merkle tree technique decreases this overhead to a single hash value. However, it comes at the cost of performance-killing characteristics for embedded systems ? e.g. non-parallelizable hash computations on tree updates. In this paper, we propose an alternative solution: the Tamper-Evident Counter Tree (TEC-Tree). It allows for tamper-evident off-chip storage of the nonces involved in a replay countermeasure; TEC-Tree parallelizes the computations involved in both the authentication and tree update processes. Moreover, because our tree relies on block encryption, it provides data confidentiality at no extra cost. TEC-Tree is a deployable solution for memory integrity, with low performance hit and hardware cost.

Notes:

Lecture Notes in Computer Science (LNCS) Volume 4727

AttachmentSize
elbaz_ches07.pdf318.37 KB