{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:33:33Z","timestamp":1750307613387,"version":"3.41.0"},"reference-count":42,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2009,3,1]],"date-time":"2009-03-01T00:00:00Z","timestamp":1235865600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000143","name":"Division of Computing and Communication Foundations","doi-asserted-by":"publisher","award":["CCF-0347425CCF-0447783CCF-0541080"],"award-info":[{"award-number":["CCF-0347425CCF-0447783CCF-0541080"]}],"id":[{"id":"10.13039\/100000143","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Archit. Code Optim."],"published-print":{"date-parts":[[2009,3]]},"abstract":"<jats:p>In today's digital world, computer security issues have become increasingly important. In particular, researchers have proposed designs for secure processors that utilize hardware-based memory encryption and integrity verification to protect the privacy and integrity of computation even from sophisticated physical attacks. However, currently proposed schemes remain hampered by problems that make them impractical for use in today's computer systems: lack of virtual memory and Inter-Process Communication support as well as excessive storage and performance overheads. In this article, we propose (1) address independent seed encryption (AISE), a counter-mode-based memory encryption scheme using a novel seed composition, and (2) bonsai Merkle trees (BMT), a novel Merkle tree-based memory integrity verification technique, to eliminate these system and performance issues associated with prior counter-mode memory encryption and Merkle tree integrity verification schemes. We present both a qualitative discussion and a quantitative analysis to illustrate the advantages of our techniques over previously proposed approaches in terms of complexity, feasibility, performance, and storage. Our results show that AISE+BMT reduces the overhead of prior memory encryption and integrity verification schemes from 12% to 2% on average for single-threaded benchmarks on uniprocessor systems, and from 15% to 4% for coscheduled benchmarks on multicore systems while eliminating critical system-level problems.<\/jats:p>","DOI":"10.1145\/1498690.1498691","type":"journal-article","created":{"date-parts":[[2009,4,6]],"date-time":"2009-04-06T16:34:22Z","timestamp":1239035662000},"page":"1-35","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":15,"title":["Making secure processors OS- and performance-friendly"],"prefix":"10.1145","volume":"5","author":[{"given":"Siddhartha","family":"Chhabra","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Brian","family":"Rogers","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yan","family":"Solihin","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Milos","family":"Prvulovic","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2009,3,23]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1168857.1168860"},{"key":"e_1_2_1_2_1","unstructured":"AMD. 2005. AMD64 Virtualization Codenamed Pacifica Technology: Secure Virtual Machine Architecture Reference Manual.  AMD. 2005. AMD64 Virtualization Codenamed Pacifica Technology: Secure Virtual Machine Architecture Reference Manual."},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945462"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/339647.339696"},{"volume-title":"Secure Hash Standard","author":"Publication","key":"e_1_2_1_5_1","unstructured":"FIPS Publication 180-1. 1995. Secure Hash Standard . National Institute of Standards and Technology , Federal Information Processing Standards. FIPS Publication 180-1. 1995. Secure Hash Standard. National Institute of Standards and Technology, Federal Information Processing Standards."},{"volume-title":"Specification for the Advanced Encryption Standard (AES)","author":"Publication","key":"e_1_2_1_6_1","unstructured":"FIPS Publication 197. 2001. Specification for the Advanced Encryption Standard (AES) . National Institute of Standards and Technology , Federal Information Processing Standards. FIPS Publication 197. 2001. Specification for the Advanced Encryption Standard (AES). National Institute of Standards and Technology, Federal Information Processing Standards."},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1152154.1152169"},{"key":"e_1_2_1_8_1","unstructured":"Garfinkel T. Rosenblum M. and Boneh D. 2003. Flexible OS support and applications for trusted computing.  Garfinkel T. Rosenblum M. and Boneh D. 2003. Flexible OS support and applications for trusted computing."},{"volume-title":"Proceedings of the 9th International Symposium on High Performance Computer Architecture. IEEE Computer Society","author":"Gassend B.","key":"e_1_2_1_9_1","unstructured":"Gassend , B. , Suh , G. E. , Clarke , D. , van Dijk , M. , and Devadas , S . 2003. Caches and hash trees for efficient memory integrity verification . In Proceedings of the 9th International Symposium on High Performance Computer Architecture. IEEE Computer Society , Los Alamitos, CA, 295. Gassend, B., Suh, G. E., Clarke, D., van Dijk, M., and Devadas, S. 2003. Caches and hash trees for efficient memory integrity verification. In Proceedings of the 9th International Symposium on High Performance Computer Architecture. IEEE Computer Society, Los Alamitos, CA, 295."},{"volume-title":"Proceedings of the 25th EuroMicro Conference. IEEE Computer Society","author":"Gilmont T.","key":"e_1_2_1_10_1","unstructured":"Gilmont , T. , Legat , J.-D. , and Quisquater , J . -J. 1999. Enhancing security in the memory management unit . In Proceedings of the 25th EuroMicro Conference. IEEE Computer Society , Los Alamitos, CA, 449--456. Gilmont, T., Legat, J.-D., and Quisquater, J.-J. 1999. Enhancing security in the memory management unit. In Proceedings of the 25th EuroMicro Conference. IEEE Computer Society, Los Alamitos, CA, 449--456."},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of the 3rd Symposium on Operating Systems Design and Implementation. USENIX Association","author":"Hand S. M.","year":"1999","unstructured":"Hand , S. M. 1999 . Self-paging in the Nemesis operating system . In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation. USENIX Association , Berkeley, CA, 73--86. Hand, S. M. 1999. Self-paging in the Nemesis operating system. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation. USENIX Association, Berkeley, CA, 73--86."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2002.1039525"},{"volume-title":"Hacking the Xbox: An Introduction to Reverse Engineering","author":"Huang A.","key":"e_1_2_1_13_1","unstructured":"Huang , A. 2003. Hacking the Xbox: An Introduction to Reverse Engineering . No Starch Press, San Francisco, CA . Huang, A. 2003. Hacking the Xbox: An Introduction to Reverse Engineering. No Starch Press, San Francisco, CA."},{"key":"e_1_2_1_14_1","unstructured":"IBM. 2006. IBM Extends Enhanced Data Security to Consumer Electronics Products.  IBM. 2006. IBM Extends Enhanced Data Security to Consumer Electronics Products."},{"key":"e_1_2_1_15_1","unstructured":"Intel Corporation. 2005. Intel Virtualization Technology Specifications for the IA-32 Intel Architecture.  Intel Corporation. 2005. Intel Virtualization Technology Specifications for the IA-32 Intel Architecture."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1055626.1055644"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC2104"},{"key":"e_1_2_1_18_1","unstructured":"Kumar A. 2004. Discovering passwords in memory. White Paper Paladion Networks Mumbai India.  Kumar A. 2004. Discovering passwords in memory. White Paper Paladion Networks Mumbai India."},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10766-007-0033-6"},{"volume-title":"Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society","author":"Lie D.","key":"e_1_2_1_20_1","unstructured":"Lie , D. , Mitchell , J. , Thekkath , C. A. , and Horowitz , M . 2003. Specifying and verifying hardware for tamper-resistant software . In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society , Washington, DC, 166. Lie, D., Mitchell, J., Thekkath, C. A., and Horowitz, M. 2003. Specifying and verifying hardware for tamper-resistant software. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, Washington, DC, 166."},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/378993.379237"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250662.1250670"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/248208.237140"},{"key":"e_1_2_1_24_1","unstructured":"Renau J. Tuck J. Ceze L. Strauss K. and Torellas J. 2004. SESC. http:\/\/sesc.sourceforge.net.  Renau J. Tuck J. Ceze L. Strauss K. and Torellas J. 2004. SESC. http:\/\/sesc.sourceforge.net."},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2007.44"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1152154.1152170"},{"key":"e_1_2_1_27_1","unstructured":"Semiconductor M. 2007 (last modification). DS5002FP Secure Microprocessor Chip.  Semiconductor M. 2007 (last modification). DS5002FP Secure Microprocessor Chip."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2006.11"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/1025127.1026002"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1080695.1069972"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1055626.1055629"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/1148882.1148884"},{"key":"e_1_2_1_33_1","unstructured":"Standard Performance Evaluation Corporation. 2004. http:\/\/www.spec.org.  Standard Performance Evaluation Corporation. 2004. http:\/\/www.spec.org."},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/782814.782838"},{"volume-title":"Proceedings of the 36th International Symposium on Microarchitecture. IEEE Computer Society","author":"Suh G. E.","key":"e_1_2_1_35_1","unstructured":"Suh , G. E. , Clarke , D. , Gassend , B. , van Dijk , M. , and Devadas , S . 2003b. Efficient memory integrity verification and encryption for secure processors . In Proceedings of the 36th International Symposium on Microarchitecture. IEEE Computer Society , Los Alamitos, CA, 339. Suh, G. E., Clarke, D., Gassend, B., van Dijk, M., and Devadas, S. 2003b. Efficient memory integrity verification and encryption for secure processors. In Proceedings of the 36th International Symposium on Microarchitecture. IEEE Computer Society, Los Alamitos, CA, 339."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/844128.844146"},{"volume-title":"Proceedings of the UNENIX Annual Technical Conference.","author":"Whitaker A.","key":"e_1_2_1_37_1","unstructured":"Whitaker , A. , Shaw , M. , and Gribble , S. D . 2002. Denali: Lightweight virtual machines for distributed and networked applications . In Proceedings of the UNENIX Annual Technical Conference. Whitaker, A., Shaw, M., and Gribble, S. D. 2002. Denali: Lightweight virtual machines for distributed and networked applications. In Proceedings of the UNENIX Annual Technical Conference."},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1150019.1136502"},{"volume-title":"Proceedings of the 36th Annual International Symposium on Microarchitecture. IEEE Computer Society","author":"Yang J.","key":"e_1_2_1_39_1","unstructured":"Yang , J. , Zhang , Y. , and Gao , L . 2003. Fast secure processor for inhibiting software piracy and tampering . In Proceedings of the 36th Annual International Symposium on Microarchitecture. IEEE Computer Society , Washington, DC, 351. Yang, J., Zhang, Y., and Gao, L. 2003. Fast secure processor for inhibiting software piracy and tampering. In Proceedings of the 36th Annual International Symposium on Microarchitecture. IEEE Computer Society, Washington, DC, 351."},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2005.31"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1023833.1023873"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1037949.1024403"}],"container-title":["ACM Transactions on Architecture and Code Optimization"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1498690.1498691","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1498690.1498691","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:45:43Z","timestamp":1750250743000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1498690.1498691"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,3]]},"references-count":42,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2009,3]]}},"alternative-id":["10.1145\/1498690.1498691"],"URL":"https:\/\/doi.org\/10.1145\/1498690.1498691","relation":{},"ISSN":["1544-3566","1544-3973"],"issn-type":[{"type":"print","value":"1544-3566"},{"type":"electronic","value":"1544-3973"}],"subject":[],"published":{"date-parts":[[2009,3]]},"assertion":[{"value":"2008-03-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2008-09-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2009-03-23","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}