Title page for ETD etd-043009-183003

Document Type thesis

Author Name Hu, Yin

Email Address hhyy_best at wpi.edu

URN etd-043009-183003

Title An Efficient Scheme to Provide Real-time Memory Integrity Protection

Degree MS

Department Electrical & Computer Engineering

Advisors
Berk Sunar, Advisor
Wenjing Lou, Committee Member
Kathryn Fisler, Committee Member
Fred J. Looft, Department Head

Keywords
Integrity Protection
Memory Authentication

Date of Presentation/Defense 2009-04-24

Availability unrestricted

Abstract
Memory integrity protection has been a longstanding issue in trusted system design. Most viruses and malware attack the system by modifying data that they are not authorized to access. With the development of the Internet, viruses and malware spread much faster than ever before. In this setting, protecting the memory becomes increasingly important. However, it is a hard problem to protect the dynamic memory. The data in the memory changes from time to time so that the schemes have to be fast enough to provide real-time protection while in the same time the schemes have to use slow crytographical functions to keep the security level.

In this thesis, we propose a new fast authentication scheme for memory. As in previous proposals the scheme uses a Merkle tree to guarantee dynamic protection of memory. We use the universal hash function family NH for speed and couple it with an AES encryption in order to achieve a high level of security. The proposed scheme is much faster compared to similar schemes achieved by cryptographic hash functions such as SHA-1 due to the finer grain incremental hashing ability provided by NH. With a modified version of the proposed scheme, the system can access the data in memory without checking the integrity all the time and still keeps the same security level. This feature is mainly due to the incremental nature of NH. Moreover, we show that combining with caches and parallelism, we can achieve fast and simple software implementation.

Files
YHu.pdf

Browse by Author | Browse by Department | Search all available ETDs

Questions? Email etd-questions@wpi.edu
Maintained by webmaster@wpi.edu

Document Type	thesis
Author Name	Hu, Yin
Email Address	hhyy_best at wpi.edu
URN	etd-043009-183003
Title	An Efficient Scheme to Provide Real-time Memory Integrity Protection
Degree	MS
Department	Electrical & Computer Engineering
Advisors	Berk Sunar, Advisor Wenjing Lou, Committee Member Kathryn Fisler, Committee Member Fred J. Looft, Department Head
Keywords	Integrity Protection Memory Authentication
Date of Presentation/Defense	2009-04-24
Availability	unrestricted
Abstract Memory integrity protection has been a longstanding issue in trusted system design. Most viruses and malware attack the system by modifying data that they are not authorized to access. With the development of the Internet, viruses and malware spread much faster than ever before. In this setting, protecting the memory becomes increasingly important. However, it is a hard problem to protect the dynamic memory. The data in the memory changes from time to time so that the schemes have to be fast enough to provide real-time protection while in the same time the schemes have to use slow crytographical functions to keep the security level. In this thesis, we propose a new fast authentication scheme for memory. As in previous proposals the scheme uses a Merkle tree to guarantee dynamic protection of memory. We use the universal hash function family NH for speed and couple it with an AES encryption in order to achieve a high level of security. The proposed scheme is much faster compared to similar schemes achieved by cryptographic hash functions such as SHA-1 due to the finer grain incremental hashing ability provided by NH. With a modified version of the proposed scheme, the system can access the data in memory without checking the integrity all the time and still keeps the same security level. This feature is mainly due to the incremental nature of NH. Moreover, we show that combining with caches and parallelism, we can achieve fast and simple software implementation.
Files	YHu.pdf