Memory integrity protection has been a longstanding issue in trusted system design. Most viruses and malware attack the system by modifying data that they are not authorized to access. With the development of the Internet, viruses and malware spread much faster than ever before. In this setting, protecting the memory becomes increasingly important. However, it is a hard problem to protect the dynamic memory. The data in the memory changes from time to time so that the schemes have to be fast enough to provide real-time protection while in the same time the schemes have to use slow crytographical functions to keep the security level. In this thesis, we propose a new fast authentication scheme for memory. As in previous proposals the scheme uses a Merkle tree to guarantee dynamic protection of memory. We use the universal hash function family NH for speed and couple it with an AES encryption in order to achieve a high level of security. The proposed scheme is much faster compared to similar schemes achieved by cryptographic hash functions such as SHA-1 due to the finer grain incremental hashing ability provided by NH. With a modified version of the proposed scheme, the system can access the data in memory without checking the integrity all the time and still keeps the same security level. This feature is mainly due to the incremental nature of NH. Moreover, we show that combining with caches and parallelism, we can achieve fast and simple software implementation.

Creator

• Hu, Yin

Contributors

• Lou, Wenjing
• Fisler, Kathryn
• Sunar, Berk

Degree

• MS

Unit

• Electrical & Computer Engineering

Publisher

• Worcester Polytechnic Institute

Language

• English

Identifier

• etd-043009-183003

Keyword

• Memory Authentication
• Integrity Protection

Advisor

• Sunar, Berk

Committee

• Lou, Wenjing
• Fisler, Kathryn

Defense date

• 2009-04-24

Year

• 2009

Date created

• 2009-04-30

Resource type

• Thesis

Rights statement

• In Copyright

Last modified

• 2023-09-20