Single-level integrity and confidentiality protection for distributed shared memory multiprocessors

Brian Rogers, Chenyu Yan, Siddhartha Chhabra, Milos Prvulovic, Yan Solihin
<span title="">2008</span> <i title="IEEE"> <a target="_blank" rel="noopener" href="" style="color: black;">High-Performance Computer Architecture</a> </i> &nbsp;
Multiprocessor computer systems are currently widely used in commercial settings to run critical applications. These applications often operate on sensitive data such as customer records, credit card numbers, and financial data. As a result, these systems are the frequent targets of attacks because of the potentially significant gain an attacker could obtain from stealing or tampering with such data. This provides strong motivation to protect the confidentiality and integrity of data in
more &raquo; ... al multiprocessor systems through architectural support. Architectural support is able to protect against software-based attacks, and is necessary to protect against hardware-based attacks. In this work, we propose architectural mechanisms to ensure data confidentiality and integrity in Distributed Shared Memory multiprocessors which utilize a point-topoint based interconnection network. Our approach improves upon previous work in this area, mainly in the fact that our approach reduces performance overheads by significantly reducing the amount of cryptographic operations required. Evaluation results show that our approach can protect data confidentiality and integrity in a 16processor DSM system with an average overhead of 1.6% and a maximum of only 7% across all SPLASH-2 applications. * This work is supported in part by the National Science Foundation through grants CCF-0347425, CCF-0447783, and CCF-0541080. these systems create a financial incentive for attackers to perform corporate espionage or other malicious intents. Additionally, physical or hardware attacks on DSM systems may be performed more easily than on uniprocessor systems because there are interconnect wires that are more exposed. For example, to snoop processor-to-memory communication in a uniprocessor system, attackers must tamper with the motherboard of the system. While in a DSM system, attackers can snoop the interconnect wires that are exposed at the back of the server racks using snooping devices similar in principle to a keyboard logger, without much disruption to the system. This lack of disruption is important for attackers since attacks can be performed quickly and without leaving traces. The possibility of hardware attacks may prompt customers to demand that DSM utility computing systems be equipped with secure hardware features that make them resistant even to hardware attacks. Utility computing providers that offer these features have an important competitive advantage compared to those who do not. Hence, we believe that data security in DSM systems will become an increasingly important issue in the future. To the best of our knowledge, only two protection schemes have been proposed to address the data protection problem in multiprocessor systems with non-bus based interconnects [12, 19] . The main drawbacks of the scheme proposed in [12] are that very large onchip storage overheads are required (e.g. a 512KB cache structure). It is also vulnerable to replay attacks against data integrity, especially if attackers can drop messages. The scheme proposed in [19] , as with our approach, is designed specifically for DSM systems. This scheme differentiates between processor-to-memory communication and processor-to-processor communication across the interconnect, protecting each with a separate security mechanism. For example, a remote data request may result in one processor fetching, decrypting, and authenticating data from its local memory using processor-to-memory protection mechanisms. Then this processor will encrypt, sign, and communicate the data to the requesting processor which will decrypt and authenticate the data again, all using processor-to-processor protection mechanisms. Because inter-node communication involves two separate security mechanisms, we refer to this approach as a two-level approach. Such a two-level approach results in a number of inefficiencies. First, the latency-hiding techniques of both protection mechanisms must simultaneously succeed for the cryptographic latencies to be completely hidden. This may be difficult to achieve in practice, and thus cryptographic latencies may be exposed frequently. Second, this results in a large number of cryptographic operations, which can increase cryptographic latencies because of contention due to excessive utilization of the hardware cryptographic engines. Finally, authentication-related operations (e.g. MAC generations and verifications) are directly in the critical path of remote data requests because the authentication by one mechanism should be completed before passing data to the next mechanism. Overall, this type of approach is inherently performance inefficient. However, because fundamentally processor-to-processor communication seems best suited to a communication based protection scheme (e.g. associating a MAC value with each message), while processor-memory communication seems best suited to a storage based protection scheme (e.g. a Merkle Tree covering memory), it is difficult to provide a single, unified scheme that is able to protect all types of data communication in a DSM system efficiently. Contributions. In this work we propose a new and efficient memory encryption and authentication solution for protecting the confidentiality and integrity of data in a DSM system. Our solution requires modest on-chip storage overheads and removes the ineffi-
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="">doi:10.1109/hpca.2008.4658636</a> <a target="_blank" rel="external noopener" href="">dblp:conf/hpca/RogersYCPS08</a> <a target="_blank" rel="external noopener" href="">fatcat:hiv72zl6xfgr5hm7qdkixrpriq</a> </span>
<a target="_blank" rel="noopener" href="" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href=""> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="external alternate icon"></i> </button> </a>