The Missing Difference Problem, and Its Applications to Counter Mode Encryption.

counter mode Missing difference problem Cryptanalysis Conclusion Conclusion We defined the missing difference problem and improved the algorithms to solve it in particular for some cases: Case Previous ... Introduction The counter mode Missing difference problem Cryptanalysis Conclusion Missing difference problem Main Idea Collect many keystream blocks K i ∈ A and encryptions of secret block c j = K j ...

doi:10.1007/978-3-319-78375-8_24 fatcat:o7swexh2bzd2he5mee5i57iohi

security by using the Galois/Counter Mode of operation (GCM), which leverages counter-mode encryption to reduce authentication latency and overlap it with memory accesses. ... Our new split counters for counter-mode encryption simultaneously eliminate counter overflow problems and reduce per-block counter size, and we also dramatically improve authentication performance and ... Reencryption of a relatively small encryption page is quick enough to avoid problems with real-time and interactive applications. ...

doi:10.1145/1150019.1136502 fatcat:iytzzx6us5fv5fibckk27strvi

memory integrity verification technique, to eliminate these system and performance issues associated with prior counter-mode memory encryption and Merkle Tree integrity verification schemes. ... Our results show that AISE+BMT reduces the overhead of prior memory encryption and integrity verification schemes from 12% to 2% on average, while eliminating critical system-level problems. ... The performance of counter-mode encryption depends on whether the seed of a code/data block that misses in the cache is available at the time the cache miss is determined. ...

doi:10.1109/micro.2007.16 dblp:conf/micro/RogersCPS07 fatcat:qxiadelsg5dkzpji35tgql7f7e

memory integrity verification technique, to eliminate these system and performance issues associated with prior counter-mode memory encryption and Merkle Tree integrity verification schemes. ... Our results show that AISE+BMT reduces the overhead of prior memory encryption and integrity verification schemes from 12% to 2% on average, while eliminating critical system-level problems. ... The performance of counter-mode encryption depends on whether the seed of a code/data block that misses in the cache is available at the time the cache miss is determined. ...

doi:10.1109/micro.2007.4408255 fatcat:glnpa7ifhjfvbecicr7e3jbgje

For counter mode encrypted memory, MAC speculation can also significantly reduce the authentication overhead. ... hardware to address the issue of latency for memory decryption and authentication. ... Section 2 briefly discusses different modes of memory encryption and their applications in memory protection. Section 3 present ciphertext speculation. ...

doi:10.1145/1242531.1242539 dblp:conf/cf/ShiL07 fatcat:z54jp3wr3nbs3ckzxyptwcdyme

memory integrity verification technique, to eliminate these system and performance issues associated with prior counter-mode memory encryption and Merkle Tree integrity verification schemes. ... In this paper, we propose 1) Address Independent Seed Encryption (AISE), a counter-mode based memory encryption scheme using a novel seed composition, and 2) Bonsai Merkle Trees (BMT), a novel Merkle Tree-based ... The performance of counter-mode encryption depends on whether the seed of a code/data block that misses in the cache is available at the time the cache miss is determined. ...

doi:10.1145/1498690.1498691 fatcat:btyvqqoplvaxfk3mg2njsh4ipy

Then we propose and evaluate techniques to provide efficient encryption and authentication of the data in DSM systems. ... This work is the first to examine the issues involved in protecting secrecy and integrity of data in DSM systems. ... The authors would like to thank all of the anonymous reviewers for their helpful comments. ...

doi:10.1145/1152154.1152170 dblp:conf/IEEEpact/RogersPS06 fatcat:ga56vnbj2bbhllhvogqv7f7uzi

To improve the performance, each node uses a small local memory to cache the data. These architectures introduce several problems when memory encryption and integrity verification are implemented. ... Memorycentric architecture, allows multiple computing nodes to connect to a huge shared memory pool and access it directly. ... The views, opinions and/or findings expressed are those of the author and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government. ...

doi:10.4108/eai.13-7-2018.165516 fatcat:e2kgfdfd5bhsrelfxnuw4axmsm

DOAJ

In this paper, we present a novel technique to hide the latency overhead of decrypting counter mode encrypted memory by predicting the sequence number and pre-computing the encryption pad that we call ... Encrypting data in unprotected memory has gained much interest lately for digital rights protection and security reasons. Counter Mode is a well-known encryption scheme. ... The rest of the paper is organized as follows. Section 2 discusses the concept of counter mode in general and its application to secure processor design. ...

doi:10.1145/1080695.1069972 fatcat:aq3zsbsehzajrfk7bzolmd2rqm

Then this processor will encrypt, sign, and communicate the data to the requesting processor which will decrypt and authenticate the data again, all using processor-to-processor protection mechanisms. ... In this work we propose a new and efficient memory encryption and authentication solution for protecting the confidentiality and integrity of data in a DSM system. ... The various designs differ in the encryption modes used and the latency-hiding techniques employed. ...

doi:10.1109/hpca.2008.4658636 dblp:conf/hpca/RogersYCPS08 fatcat:hiv72zl6xfgr5hm7qdkixrpriq

Since the CTR mode requires additional storage for the nonce, we classify write-intensive cache blocks and apply our CTR mode to the write-intensive blocks and apply the ECB mode for the rest of the blocks ... By modifying the CTR mode in AES block cipher, we let the keystream updated in a short period and reuse the keystream to achieve flip reduction while maintaining security against physical attacks. ... Conflicts of Interest: The authors declare no conflict of interest. ...

doi:10.3390/electronics9081304 fatcat:h724lolcxzbbrjpdlqdaob4ubu

DOAJ

This work presents the design, implementation, and performance analysis of a fast, flexible hardware Encryption Management Unit (EMU) for such architectures. ... The advantage of the SecSoft architecture is increased software protection without alteration to the fundamental interaction of software, operating systems, and developer tools. ... The requested words are finally returned back to the CPU. 2) Counter Mode Decryption Unit: Counter mode block encryption and decryption operates by taking a nonrepeating value, encrypting it using a ...

doi:10.1109/hicss.2006.114 dblp:conf/hicss/MaharACEG06 fatcat:hdkl3phj5jcf3ivujhe3fm65oe

on average) by combining the Counter Mode of operation, local authentication values and Merkle trees. • E K (D): the result of the encryption of the data block D with the symmetric key K; ... Several secure computing hardware architectures using memory encryption and memory integrity checkers have been proposed during the past few years to provide applications with a tamper resistant environment ... The authors wish to thank Jacques Stern for his valuable comments on this project, Sylvain Guilley and Renaud Pacalet for their insightful discussions in the GET-TCP project. ...

doi:10.1109/acsac.2006.21 dblp:conf/acsac/DucK06 fatcat:f4mt32yzfnfi7fecobzlqitsj4

As an initial effort to address this problem, we formulate the security support in RTESs as a QoS optimization problem. ... In these systems, it is essential to meet deadlines, for example, to avoid a power outage or loss of a life. ... We use different keys for encryption and authentication, since the rule of thumb is to use separate keys for different applications [13] . ...

doi:10.1145/1279711.1279718 fatcat:fnipigwsxjhezcx6ycwwoxxici

It uses the Counter Mode for encryption, therefore counters are encrypted for an exclusive-OR with the plaintext. ... We are presenting an implementation of the Galois/Counter Mode (GCM) for the Advanced Encryption Standard (AES) in IPsec in this paper. ... In terms of the encryption mode the Counter mode (CTR) of operation is preferred for high-speed connections as it can be implemented in hardware and allows pipelining and parallelism in software [8] . ...

doi:10.1007/978-3-642-24712-5_16 fatcat:qtigvjwwufhufnuxw6vdxlutey

The Missing Difference Problem, and Its Applications to Counter Mode Encryption [chapter]

Preserved Fulltext

Improving Cost, Performance, and Security of Memory Encryption and Authentication

Preserved Fulltext

Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS- and Performance-Friendly

Preserved Fulltext

Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS- and Performance-Friendly

Preserved Fulltext

Accelerating memory decryption and authentication with frequent value prediction

Preserved Fulltext

Making secure processors OS- and performance-friendly

Preserved Fulltext

Efficient data protection for distributed shared memory multiprocessors

Preserved Fulltext

Caching Techniques for Security Metadata in Integrity-Protected Fabric-Attached Memories

Preserved Fulltext

High Efficiency Counter Mode Security Architecture via Prediction and Precomputation

Preserved Fulltext

Single-level integrity and confidentiality protection for distributed shared memory multiprocessors

Preserved Fulltext

NVM-Shelf: Secure Hybrid Encryption with Less Flip for Non-Volatile Memory

Preserved Fulltext

Design and Characterization of a Hardware Encryption Management Unit for Secure Computing Platforms

Preserved Fulltext

CryptoPage: An Efficient Secure Architecture with Memory Encryption, Integrity and Information Leakage Protection

Preserved Fulltext

Towards security and QoS optimization in real-time embedded systems

Preserved Fulltext

GPU-Assisted AES Encryption Using GCM [chapter]

Preserved Fulltext