Secure processor architectures enable new sets of applications such as commercial grid computing, software copy protection and secure mobile agents by providing secure computing environments that are immune to both physical and software attacks. Despite a number of secure processor designs have been proposed, they typically made trade-offs between security and efﬁciency. This article proposes a new secure processor architecture called M-TREE, which offers a signiﬁcant performance gain while without compromising security. The MTREE architecture uses a novel hierarchical Message Authentication Code Tree (MACTree) for protecting applications’ integrity at a minimal performance overhead. M-TREE also introduces a new one-time-pad class encryption mechanism that accelerates security computation over the existing block cipher-based schemes with high security guarantee. Based on the results of our performance simulation, the performance overhead of the M-TREE integrity check mechanism is as small as 14% in the worst case, a substantial improvement over the 60% slowdown reported by previously proposed techniques. Meanwhile, the overhead of M-TREE encryption scheme is approximately 30%, compared to 50% of using block cipher encryption. In overall, our M-TREE architecture can provide a tamper-resistant and tamper-evident computing environment with low-performance impact, thereby offering a transparent and practical security computing platform.
Keywords for this software
References in zbMATH (referenced in 12 articles , 1 standard article )
Showing results 1 to 12 of 12.
- Garavel, Hubert; Lang, Frédéric; Mateescu, Radu; Serwe, Wendelin: CADP 2010: a toolbox for the construction and analysis of distributed processes (2011)
- Lang, Frédéric; Salaün, Gwen; Hérilier, Rémi; Kramer, Jeff; Magee, Jeff: Translating FSP into LOTOS and networks of automata (2010)
- Garavel, Hubert; Salaün, Gwen; Serwe, Wendelin: On the semantics of communicating hardware processes and their translation into LOTOS for the verification of asynchronous circuits with CADP (2009)
- Jiang, Tao; Feng, Yucai; Li, Guohui; Zhu, Hong: A reverse nearest neighbor search algorithm in metric space (2009)
- Skopal, Tomáš; Lokoč, Jakub: New dynamic construction techniques for M-tree (2009)
- Arslan, Serdar; Yazici, Adnan: An efficient image retrieval system using ordered weighted aggregation (2008)
- Salaün, Gwen; Kramer, Jeff; Lang, Frédéric; Magee, Jeff: Translating FSP into LOTOS and networks of automata (2007)
- Joubert, Christophe; Mateescu, Radu: Distributed on-the-fly model checking and test case generation (2006)
- Lu, Chenghuai; Zhang, Tao; Shi, Weidong; Lee, Hsien-Hsin S.: M-TREE: a high efficiency security architecture for protecting integrity and privacy of software (2006)
- Ruxanda, Maria Magdalena: Combining color and shape features for efficient indexing and image retrieval (2006)
- Bergamini, Damien; Descoubes, Nicolas; Joubert, Christophe; Mateescu, Radu: BISIMULATOR: A modular tool for on-the-fly equivalence checking (2005)
- Salaün, Gwen; Serwe, Wendelin: Translating hardware process algebras into standard process algebras: Illustration with CHP and LOTOS (2005)