NC STATE UNIVERSITY

§GeorgiaTech

Improving Cost,

Chenyu Yan, Brian Rogers§, Daniel Englender, Yan Solihin§, Milos

Prvulovic

Performance, and Security ofMemory Encryption and

Authentication

2

Secure Architecture

• Copy and Tamper Resistant environment• Existing schemes: >20% performance

overhead

Crypto Engine

Processor Core

Cache

Trusted DomainTrusted Domain

UnTrusted DomainUnTrusted DomainMain Memory

(Encrypted Data & Auth Tag)

Secu

re

Pro

cess

or

??

3

Contributions

• Split counters

– Smaller counters (better caching, less space overhead)

– Reduce re-encryption work, off critical path

• Use Galois/Counter Mode (GCM)

– Overlap most authentication work with memory latency

– Provide precise authentication w/ little perf. overhead

• Improved security

– Solve pitfall in counter mode encryption

4

Outline

BackgroundSplit Counter Mode Encryption

• Counter Mode Encryption

• Split Counters

Memory Authentication with GCMA Security Pitfall and SolutionEvaluationConclusion

5

Counter Mode Encryption

• One-time Pad (Vernam Cipher)cipher = plain XOR random pad

plain = cipher XOR random pad

• OTP has been proven to be unbreakable when properly deployed– Truly random and used only once

• A common and effective construction: pseudo-random number generation by AES

pad = AESencryptk(seed)

6

Counter Mode Encryption (Cont.)

AES

Main Memory

Data CacheCounterCache

CounterCache Miss

Init. Vector Address Counter

128 bit

Seed

Spatial Uniqueness Temporal UniquenessApp/Process Uniqueness

7

Split Counters

• Counter size dilemma– Large counters: avoid counter overflow and re-encryption – Small counters: counter hit rate↑, space overhead↓

• Counter = Major Counter | Minor Counter– Major Counter

• Shared by all data blocks in an encryption page• Does not overflow for millennia (64 bit)

– Minor Counter• Per-block counter for recording individual counter growth• Overflow needs to re-encrypt the page, not the whole

application

• Stored together in a counter cache line

Major Counter ▪▪▪ ▪▪▪

Minor Counters (7bit x 64)

64byte counter cache line

64bitEncryption Page (64 blocks)

▪▪▪ ▪▪▪

8

Outline

Background

Split Counter Mode Encryption

Memory Authentication with GCM

A Security Pitfall and Solution

Evaluation

Conclusion

9

Galois Counter Mode

• Authenticated Encryption Mode

– McGrew and Viega, 2005

• Counter mode encryption coupled with pad-

based authentication

• Can be pipelined and parallelized

– Pre-compute pad

– When ciphertext arrives, MAC quickly generated

10

Authenticated Encryption/Decryption

AESK AESKAESK

Plaintext 1 Plaintext 2

Ciphertext 1 Ciphertext 2

Auth Tag

multH multH

H = AESencryptK(0)

AIV|Addr1|Counter EIV|Addr2|CounterEIV|Addr1|Counter128 bit 128 bit 128 bit

128 bit 128 bit

128 bit 128 bit

128 bit

GHASH

11

Outline

BackgroundSplit Counter Mode EncryptionMemory Authentication with GCMA Security Pitfall and Solution

• Counter Replay Attack

• Protect Counter Integrity

EvaluationConclusion

12

Counter Replay Attack

• Data confidentiality doesn’t require counter secrecy– Counters are stored unencrypted in memory

• Unauthorized modification to counters in memory– Leads to counter replays which undermine the one-time

premise

Data Cache Memory

Counter Cache

Information

… …

124

Ciphertext

125

PAD 125

125

WB

13

Protect Counter Integrity

• Data and Counter Merkle Tree

. . . . . .

. . . . . . . . . . . .

. . . . . .

. . . . . .

Inte

rmed

iate

Has

h

. . . . . .

. . . . .

. . . . . . .

Has

h

Has

h

Has

h

Has

h

Has

h

Has

h

Data

HashRoot

DirectCounter

14

Outline

Background

Split Counter Mode Encryption

Memory Authentication with GCM

Data and Counter Integrity Issues

Evaluation

Conclusion

15

Counter Mode Encryption Performance• Improvement over 64-bit monolithic counters due

to– More counters fit in same-size counter cache– Less bandwidth to fetch smaller counters

• Split counters: 1% perf. overhead w/ 32kB cache– Includes overhead of page re-encryptions

0.90

0.95

1.00

128KB 64KB 32KB 16KB

No

rma

lize

d I

PC

split mono

Counter Cache Size

16

GCM Authentication Performance• GCM authentication performs well even

under the highest security requirement • SHA-1 authentication degrades

performance dramatically with higher security requirement

0.6

0.7

0.8

0.9

1.0

Lazy Commit Safe

No

rma

lize

d I

PC

GCM SHA

Security

17

Overall Performance

• 5% performance overhead for memory encryption and authentication with GCM and split counters

0.0

0.2

0.4

0.6

0.8

1.0

am

mp

applu

apsi art

equake

mesa

mgri

d

swim

wupw

ise

bzi

p2

craft

y

eon

gap

gcc

gzi

p

mcf

pars

er

perl

bm

k

twolf

vort

ex

vpr

avg

No

rma

lize

d IP

C

GCM+Split SHA+Mono

18

Conclusions

• Split counters– Improve counter caching– Reduce counter storage overhead– Remove re-encryption glitches, allow

optimization• GCM

– Large reduction of authentication overheads– Complements counter-mode encryption

naturally• Protect counter integrity to keep data safe

– Negligible performance impact• Reduce perf. overhead from 20% to 5%

19

Questions

Email: cyan@cc.gatech.edu

NC STATE UNIVERSITY

§GeorgiaTech