Secure processor architecture enables tamper-proof protection of software, addressing many difficult security problems such as reverse-engineering prevention, trusted computing, and secure mobile agents by providing a secure computing environment that is resistant to both physical tampering and software exploits. Two essential features offered by a secure processor are software encryption for protecting software privacy and integrity verification for preventing tampering of the protected software. Although a number of secure processor designs have been proposed, the delicate relationship between privacy and integrity protection in the context of modern out-of-order processor design is not well understood. This paper aims to remedy this research deficiency by evaluating different designs that integrate software decryption and integrity verification into an out-of-order pipeline. Our paper provides an in-depth analysis of the security and performance trade-offs and implications of several designs in the context of memory fetch side-channel exploits. Among the evaluated spectrum of design alternatives are (1) authentication-then-issue, (2) authentication-then-commit, (3) authentication-then-write, (4) authentication-then-fetch, and (5) authentication-then-commit + address obfuscation. Performance of the various designs was evaluated using a cycle-based processor model and the SPEC 2000 benchmark suite.