TY - GEN
T1 - The Reduced Address Space (RAS) for application memory authentication
AU - Champagne, David
AU - Elbaz, Reouven
AU - Lee, Ruby B.
PY - 2008
Y1 - 2008
N2 - Memory authentication is the ability to detect unauthorized modification of memory. Existing solutions for memory authentication are based on tree structures computed over either the Physical Address Space (PAS tree) or the Virtual Address Space (VAS tree). We show that the PAS tree is vulnerable to branch splicing attacks when providing memory authentication to an application running on a potentially compromised operating system. We also explain why the VAS tree generates initialization and memory overheads so large as to make it impractical, especially on 64-bit address spaces. To enable secure and efficient application memory authentication, we present a novel Reduced Address Space (RAS) containing only those pages that are useful to a protected application at any point in time. We introduce the Tree Management Unit (TMU) to manage the RAS tree, a dynamically expanding memory integrity tree computed over the RAS. The TMU is scalable, enabling tree schemes to scale up to cover 64-bit address spaces. It dramatically reduces the overheads of application memory authentication without weakening the security properties or degrading runtime performance. For SPEC 2000 benchmarks, the TMU speeds up tree initialization and reduces memory overheads by three orders of magnitude on average.
KW - Integrity tree
KW - Memory authentication
KW - Secure computing architecture
UR - http://www.scopus.com/inward/record.url?scp=56649109659&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=56649109659&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-85886-7_4
DO - 10.1007/978-3-540-85886-7_4
M3 - Conference contribution
AN - SCOPUS:56649109659
SN - 3540858849
SN - 9783540858843
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 47
EP - 63
BT - Information Security - 11th International Conference, ISC 2008, Proceedings
T2 - 11th International Conference on Information Security, ISC 2008
Y2 - 15 September 2008 through 18 September 2008
ER -