|
Architectural Support for Copy and Tamper Resistant Software
by Dr. Patrick Lincoln, D. Lie, C. Thekkath, M. Mitchell, D. Boneh, J. Mitchell & M. Horowitz.
From Architectural Support for Programming Languages and Operating Systems (ASPLOS-IX). Cambridge, MA. November, 2000.
Abstract
Although there have been attempts to develop code transformation that
yield tamper-resistant software, no reliable software-only methods are
known. This paper studies the hardware implementation of a form of
execute-only memory (XOM) that allows instructions stored in memory to be
executed but not otherwise manipulated. To support XOM code we use a
machine that support internal compartments --- a process in one
compartment cannot read data from another compartment. All data that
leaves the machine is encrypted, since we a assume external memory is not
secure. The design of this machine poses some interesting trade-offs
between security, efficiency, and flexibility. We explore some of the
potential security issues as one pushes the machine to be come more
efficient and flexible. Although security carries a performance penalty,
our analysis indicates that it is possible to create a normal
multi-tasking machine where nearly all applications can be run in XOM
mode. While a virtual XOM machine in possible, the underlying hardware
needs to support a unique private key, private memory, and traps on cache
misses. For efficient operation, hardware assist to provide fast symmetric
ciphers is also required.
BibTEX Entry
@inproceedings{LincolnXOM2000,
AUTHOR = {{D.} Lie and {C.} Thekkath and {P.} Lincoln and {M.} Mitchell and {D.} Boneh and {J.} Mitchell and {M.} Horowitz},
TITLE = {Architectural Support for Copy and Tamper Resistant Software},
BOOKTITLE = {Architectural Support for Programming Languages and Operating Systems (ASPLOS-IX)},
YEAR = {2000},
ADDRESS = {Cambridge, {MA}},
MONTH = {November},
URL = {http://www.csl.sri.com/papers/lincolnxom2000/}
}
Files
|
|