Abstract
Due to the cost, power requirements and capacity, data are mainly stored off-chip rather than on-chip in embedded systems. The data exchanged between the processor and off-chip memory might be sensitive, security and efficiency of off-chip memory is a major concern in embedded systems. However, existing protection solutions often require significant overhead to achieve adequate protection. This paper proposes a security management method which can guarantee stronger data confidentiality and integrity with a reduced overhead in area, memory footprint, and performance cost. To reduce on-chip memory consumption and latency cost, protection scheduling and storage strategy are carefully studied, then our security management architecture is formed. Afterwards, confidentiality and integrity modules are designed respectively. Data confidentiality is protected through a Binary Additive Stream Cipher-AES-Time Stamp based on circuit and addresses scrambling network of Benes, and data integrity is safeguarded through an integrity checking module based on SHA3-TAH and MSet-XOR-Hash tree. Hardware implementation is designed and synthesized in a 0.18 µm process. The experiment area is about 1.1 mm2 while frequency reaches 563 MHz. The attack complexity is more than 2224 while additional storage consumption is limited in about 26.6%.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Andrea T, Holger H (2015) Polynomial time decision algorithms for probabilistic automata. Inf Comput 224:134–171
Damla Y, Heba Y (2018) Power analysis based side-channel attack on visible light communication [online]. Phys Commun. https://doi.org/10.1016/j.phycom.2018.04.013
Duan L, Hongxin ZH, Qiang L et al (2015) Electromagnetic side-channel attack based on PSO directed acyclic graph SVM. J China Univ Posts Telecommun 22(5):10–15
Elbaz R, Torres L, Sassatelli G et al (2006) A parallelized way to provide data encryption and integrity checking on a processor-memory bus. In: Proceedings of the 43rd annual design automation conference. ACM, pp 506–509
Elbaz R, Champagne D, Lee RB et al (2007) Tec-tree: a low-cost, parallelizable tree for efficient defense against memory replay attacks. In: Cryptographic hardware and embedded systems-CHES 2007. Springer, Berlin Heidelberg, pp 289–302
Faheem U, Matthew E, Rajiv R (2018) Data exfiltration: A review of external attack vectors and countermeasures. J Netw Comput Appl 101:18–54
Fangyong H (2005) Research on key techniques of memory system data confidentiality and integrity protection. National University of Defense Technology, Changsha
Hailong ZH, Yongbin ZH (2016) How many interesting points should be used in a template attack. J Syst Softw 120:105–113
Hojoon L, Minsu K, Yunheung P et al (2018) A dynamic per-context verification of kernel address integrity from external monitors [online]. Comput Secur. https://doi.org/10.1016/j.cose.2018.02.013
Hong A, Xuebin CH (2018) Research on embedded access control security system and face recognition system [J]. Measurement 123:309–322
Hu Y, Sunar B (2010) An improved memory integrity protection scheme. Trust and trustworthy computing. Springer, Berlin, pp 273–281
Jaime AB, Leonel PT, Rolf Fredi M et al (2016) An embedded system approach for energy monitoring and analysis in industrial processes. Energy 115:811–819
Jie L, Jianliang ZH (2018) Paula Whitlock. Efficient deterministic and non-deterministic pseudorandom number generation. Math Comput Simul 143:114–124
Kemal B, Devrim U, Nadir A et al (2014) Mobile authentication secure against man-in-the-middle attacks. Procedia Comput Sci 34:323–329
Liang Y, Lichen SH, Junyan ZH et al (2018) Heterogeneous information network model for equipment standard system. Phys A 490:935–943
Lie D, Thekkath CA, Horowitz M (2003) Implementing an untrusted operating system on trusted hardware. In ACM SIGOPS operating systems review, ACM, pp 178–192
Mădălin N, Salvador M (2017) Defending cache memory against cold-boot attacks boosted by power or EM radiation analysis. Microelectron J 62:85–98
Mohsen J, Fathollah B (2015) Improving the reliability of the Benes network for use in large-scale systems. Microelectron Reliab 55(3–4):679–695
Monali M, Krishna A (2017) Modeling and analyses of IP spoofing attack in 6LoWPAN network. Comput Secur 70:95–110
Musa A, Gonzalez V, Barragan D, Ambient J (2018) A new strategy to optimize the sensors placement in wireless sensor networks [online]. J Ambient Intell Hum Comput. https://doi.org/10.1007/s12652-018-0868-2
Riccardo MG, Ferrari, André MH, Teixeira (2017) Detection and isolation of replay attacks through sensor watermarking. IFAC Pap OnLine 50(1):7363–7368
Ryan H, George L (2018) Detecting semantic social engineering attacks with the weakest link: Implementation and empirical evaluation of a human-as-a-security-sensor framework. Comput Secur 76:101–127
Santos JCM, Fei Y (2013) Leveraging speculative architectures for runtime program validation. ACM Trans Embedd Comput Syst 13(1):3
Schraml R, Hofbauer H, Petutschnigg A et al (2015) Tree log identification based on digital cross-section images of log ends using fingerprint and iris recognition methods. In: International conference on computer analysis of images and patterns, CAIP 2015, pp 752–765
Shubhabrata S, Jörn WJ (2017) Aegis: reliable application execution over the mobile cloud. Procedia Comput Sci 109:482–489
Susil KB, Vashek M (2018) Investigating results and performance of search and construction algorithms for word-based LFSRs, σ-LFSRs. Discret Appl Math 243:90–98
Xiaojun ZH, Amine ASA, Abbes A et al (2017) ECG encryption and identification based security solution on the Zynq SoC for connected health systems. J Parallel Distrib Comput 106:143–152
Xingyuan W, Xiaoqiang ZH, Xiangjun W et al (2018) Image encryption algorithm based on multiple mixed hash functions and cyclic shift. Opt Lasers Eng 107:370–379
Xiongwei F, Kenli L, Wangdong Y et al (2016) A secure and efficient file protecting system based on SHA3 and parallel AES. Parallel Comput 52:106–132
Yuan G, Hong A, Zenghui F et al (2018) Mobile network security and privacy in WSN. Procedia Comput Sci 129:324–330
Yun RQ, Viktor KP (2016) Compact hash tables for decision-trees. Parallel Comput 54:121–127
Zhe L, Hwajeong S, Chien-Ning CH et al (2018) Secure GCM implementation on AVR. Discret Appl Math 21:58–66
Zhongyun H, Shuang Y, Yicong ZH (2018) Medical image encryption using high-speed scrambling and pixel adaptive diffusion. Signal Process 144:134–144
Acknowledgements
The authors thank all the reviewers and editors for their valuable comments and works. This paper is supported by the National Natural Science Foundation of China (no. 61772550).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Su, Y., Shen, JW. & Zhang, MQ. A high security and efficiency protection of confidentiality and integrity for off-chip memory. J Ambient Intell Human Comput 10, 2633–2643 (2019). https://doi.org/10.1007/s12652-018-0939-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-018-0939-4