Generalized external interaction with tamper-resistant hardware with bounded information leakage
Author(s)Yu, Xiangyao; Ren, Ling; Devadas, Srinivas; Fletcher, Christopher Wardlaw; van Dijk, Marten
MetadataShow full item record
This paper investigates secure ways to interact with tamper-resistant hardware leaking a strictly bounded amount of information. Architectural support for the interaction mechanisms is studied and performance implications are evaluated. The interaction mechanisms are built on top of a recently-proposed secure processor Ascend[ascend-stc12]. Ascend is chosen because unlike other tamper-resistant hardware systems, Ascend completely obfuscates pin traffic through the use of Oblivious RAM (ORAM) and periodic ORAM accesses. However, the original Ascend proposal, with the exception of main memory, can only communicate with the outside world at the beginning or end of program execution; no intermediate information transfer is allowed. Our system, Stream-Ascend, is an extension of Ascend that enables intermediate interaction with the outside world. Stream-Ascend significantly improves the generality and efficiency of Ascend in supporting many applications that fit into a streaming model, while maintaining the same security level.Simulation results show that with smart scheduling algorithms, the performance overhead of Stream-Ascend relative to an insecure and idealized baseline processor is only 24.5%, 0.7%, and 3.9% for a set of streaming benchmarks in a large dataset processing application. Stream-Ascend is able to achieve a very high security level with small overheads for a large class of applications.
DepartmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Proceedings of the 2013 ACM workshop on Cloud computing security workshop (CCSW '13)
Association for Computing Machinery (ACM)
Yu, Xiangyao, Christopher W. Fletcher, Ling Ren, Marten van Dijk, and Srinivas Devadas. “Generalized External Interaction with Tamper-Resistant Hardware with Bounded Information Leakage.” Proceedings of the 2013 ACM Workshop on Cloud Computing Security Workshop - CCSW ’13 (2013).
Author's final manuscript