| Currently with the rise of new information technology such as cloud computing,information security has been paid more and more attention. As a main component to store data in the computer system, the safety of memory is very important. The key to ensure the memory safe is to protect the confidentiality and integrity of data. Confidentiality protection makes sure the data will not to be intercepted. Integrity protection will prevent data from being tampered illegally.This paper introduces all kinds of physical attacks to the memory,then describes the memory confidentiality and integrity protection technology in detail,and mainly introduces the hash tree integrity verification mechanism. The confidentiality protection brings a small o performance overhead of the system, while integrity verification has become the key of memory protection.Based on analysis the existed integrity verification mechanisms,this paper presents memory integrity protection mechanism based on the write counter WCIP to solve the huge performance overhead and other shortcomings of hash tree. Write counter is used to record the number of write operation of data blocks, and it is stored in on-chip cache. Some data blocks in external memory may have an according write counter, then the data, address and write counter are connected to be computed for message authentication code in order to resist replay attack. At the same time, construct a hash tree on the data blocks without write counter to protect their integrity. The experiment is performed with the SimpleScalar simulator. And then we evaluate the performance of the mechanism.In order to further improve the performance of WCIP, it is optimized from two aspects.In WCIP, in order to prevent replay attacks when write counter overflow occurs, data block has been allocated a private key, which occupies large storage space. Therefore,the data blocks are allocated a shared global key to save space. In addition, when write counter cache space is full, it will replace the write counter. Based on the analysis the characteristics of the write counter,this paper proposed a cache replacement algorithm to further improve the performance of the system. Finally we performed the experiment to evaluate the performance. |
PDF Full Text Request