The Reduced Address Space (RAS) for application memory authentication

David Champagne, Reouven Elbaz, Ruby B. Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

Memory authentication is the ability to detect unauthorized modification of memory. Existing solutions for memory authentication are based on tree structures computed over either the Physical Address Space (PAS tree) or the Virtual Address Space (VAS tree). We show that the PAS tree is vulnerable to branch splicing attacks when providing memory authentication to an application running on a potentially compromised operating system. We also explain why the VAS tree generates initialization and memory overheads so large as to make it impractical, especially on 64-bit address spaces. To enable secure and efficient application memory authentication, we present a novel Reduced Address Space (RAS) containing only those pages that are useful to a protected application at any point in time. We introduce the Tree Management Unit (TMU) to manage the RAS tree, a dynamically expanding memory integrity tree computed over the RAS. The TMU is scalable, enabling tree schemes to scale up to cover 64-bit address spaces. It dramatically reduces the overheads of application memory authentication without weakening the security properties or degrading runtime performance. For SPEC 2000 benchmarks, the TMU speeds up tree initialization and reduces memory overheads by three orders of magnitude on average.

Original languageEnglish (US)
Title of host publicationInformation Security - 11th International Conference, ISC 2008, Proceedings
Pages47-63
Number of pages17
DOIs
StatePublished - Nov 28 2008
Event11th International Conference on Information Security, ISC 2008 - Taipei, Taiwan, Province of China
Duration: Sep 15 2008Sep 18 2008

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5222 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other11th International Conference on Information Security, ISC 2008
CountryTaiwan, Province of China
CityTaipei
Period9/15/089/18/08

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Keywords

  • Integrity tree
  • Memory authentication
  • Secure computing architecture

Fingerprint Dive into the research topics of 'The Reduced Address Space (RAS) for application memory authentication'. Together they form a unique fingerprint.

  • Cite this

    Champagne, D., Elbaz, R., & Lee, R. B. (2008). The Reduced Address Space (RAS) for application memory authentication. In Information Security - 11th International Conference, ISC 2008, Proceedings (pp. 47-63). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5222 LNCS). https://doi.org/10.1007/978-3-540-85886-7_4