iCETD: An improved tag generation design for memory data authentication in embedded processor systems
作者: Tao Liu , Hui Guo , Sri Parameswaran , Sharon X. Hu
DOI: 10.1016/J.VLSI.2016.10.006
关键词: Set (abstract data type) 、 Authentication 、 Space (commercial competition) 、 Adversary 、 Value (computer science) 、 Data integrity 、 Flexibility (engineering) 、 Embedded system 、 Vulnerability (computing) 、 Computer science
摘要: Abstract Security becomes increasingly important in computing systems. Data integrity is of utmost importance. One way to protect data attaching an identifying tag individual data. The authenticity the can then be checked against its tag. If altered by adversary, related invalid and attack will detected. work presented this paper studies existing design (CETD) for authenticating memory embedded processor systems, where that are stored or transferred over bus tampered. Compared other designs, offers flexibility trading-off between implementation cost size (hence level security); effective counter with random values (namely fake used replace valid random). However, we find vulnerable when not randomly selected. For some data, their tags distributed full value space but rather limited a much reduced set values. When those were chosen as value, alteration would likely go undetected. In article, analytically investigate problem propose low enhancement ensure full-range distribution each hence effectively removing vulnerability original design.
sci-hub.se 参考文章(26)
V. Shmatikov, H. Comon, Is it possible to decide whether a cryptographic protocol is secure or not Journal of telecommunications and information technology. pp. 5- 15 ,(2002)
David A. McGrew, John Viega, The Security and Performance of the Galois/Counter Mode (GCM) of Operation Progress in Cryptology - INDOCRYPT 2004. pp. 343- 355 ,(2004) , 10.1007/978-3-540-30556-9_27
Rudolf Lidl, Harald Niederreiter, Introduction to finite fields and their applications The Mathematical Gazette. ,vol. 72, pp. 335- ,(1986) , 10.1017/CBO9781139172769
Tetsu Iwata, Kaoru Kurosawa, OMAC: One-Key CBC MAC Fast Software Encryption. pp. 129- 153 ,(2003) , 10.1007/978-3-540-39887-5_11
Virgil D. Gligor, Pompiliu Donescu, Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes fast software encryption. pp. 92- 108 ,(2001) , 10.1007/3-540-45473-X_8
John Black, Phillip Rogaway, A Block-Cipher Mode of Operation for Parallelizable Message Authentication international cryptology conference. pp. 384- 397 ,(2002) , 10.1007/3-540-46035-7_25
Moses Liskov, Ronald L. Rivest, David Wagner, Tweakable Block Ciphers Advances in Cryptology — CRYPTO 2002. ,vol. 2442, pp. 31- 46 ,(2002) , 10.1007/3-540-45708-9_3
Mihir Bellare, Chanathip Namprempre, Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm international conference on the theory and application of cryptology and information security. pp. 531- 545 ,(2000) , 10.1007/3-540-44448-3_41
Reouven Elbaz, Lionel Torres, Gilles Sassatelli, Pierre Guillemin, Michel Bardouillet, Albert Martinez, Block-level added redundancy explicit authentication for parallelized encryption and integrity checking of processor-memory transactions trans. computational science. ,vol. 10, pp. 231- 260 ,(2010) , 10.1007/978-3-642-17499-5_10
Kaoru Kurosawa, Tetsu Iwata, TMAC: Two-Key CBC MAC Topics in Cryptology — CT-RSA 2003. pp. 33- 49 ,(2003) , 10.1007/3-540-36563-X_3