Publication


Featured research published by Hongjun He.


trust security and privacy in computing and communications | 2013

Novel Physically-Embedded Data Encryption for Embedded Device

Fangyong Hou; Nong Xiao; Hongjun He; Fang Liu; Zhiguang Chen

Data encryption is the most important way to provide security in a hostile environment. Nearly all of the existing data encryption techniques require a lot of arithmetic and logical computations, which makes their deployment in embedded devices very difficult. To realize firm data encryption without much computation, a novel scheme of physically-embedded data encryption is proposed in this paper. The physically-embedded data encryption extracts the unique and unclonable values that are possessed by the physical device intrinsically, and produces the secret from these values to accomplish the process of data encryption. Because it does not execute arithmetic and logical operations, it is very appropriate for embedded devices with restricted computing resources and computing abilities. At the same time, it provides high assurance of data protection due to the distinct properties of physical effects. One specific design of physically-embedded data encryption is given in this paper, and a real physical instantiation of such a design is tested. The experimental results show its validity and feasibility. Hence, the proposed physically-embedded data encryption should become a promising substitute for existing encryption techniques for embedded devices.


information assurance and security | 2009

Secure Disk with Authenticated Encryption and IV Verification

Fangyong Hou; Nong Xiao; Fang Liu; Hongjun He

To protect hard disk data confidentiality and integrity, AEIVV associates one unique IV with each disk sector; then, it applies authenticated encryption of AES-CCM to the protected sector and constructs a hash tree upon IV storage. Through assuring IV to be trusted or un-tampered, data can be protected firmly. To make it an available way for disk protection, various optimizing measures are applied to quicken the running speed. With the emphasis on reducing extra latencies caused by protection, IV/MAC storage is allocated using an interlaced layout to decrease the seek time of disk I/O, and the IV checking penalty is reduced by buffering the frequently used hash tree nodes and IV/MAC values. Related approaches are elaborated, as well as experimental results. They show that AEIVV is a practical and available way to build a secure disk.


international symposium on computers and communications | 2010

Incremental hash tree for disk authentication

Fangyong Hou; Hongjun He; Nong Xiao; Fang Liu; Guangjun Zhong

Hash tree is a secure way to authenticate stored data. However, it is difficult to maintain a consistent state between the authentication result and data, which is necessary for permanent data storage of disk. Incremental node updating is proposed to solve this problem; it synchronizes data modification and authentication result with low cost. The reason is that the path from leaf node to root node of the tree can be very short, and each step on the path can be finished quickly as no sibling nodes are required. Thus, it greatly reduces additional disk I/O for authentication synchronization. Together with a low cost logging mechanism implemented by NVRAM, the system can make fast recovery to still keep the required consistency after any failures. The related approach is elaborated, as well as testing results. Theoretical analysis and experimental simulations show that it is a practical and available way for mass data storage authentication.


networking architecture and storages | 2009

Performance and Consistency Improvements of Hash Tree Based Disk Storage Protection

Fangyong Hou; Dawu Gu; Nong Xiao; Fang Liu; Hongjun He

Hash tree based disk storage integrity protection suffers from a performance penalty and possible loss of consistency. FI-Tree deploys a fixed-structure tree and applies incremental-hash to tree node updating to solve the difficulties of performance and consistency. The biggest advantage of FI-Tree is that, while allowing tree nodes to be cached to optimize performance, it can maintain consistency between the tree and the protected data with low cost at the same time. Based on FI-Tree, TNSD constructs an instance of secure disk. TNSD associates one nonce with each data block to be protected, and applies FI-Tree to ensure the nonce to be un-tampered. In such a way, data protection can be fulfilled with resistance against any attacks. Related approaches are elaborated, as well as testing results. Theoretical analysis and experimental simulation show that it is a practical and available way to build a secure disk.


Future Generation Computer Systems | 2013

Bus and memory protection through chain-generated and tree-verified IV for multiprocessors systems

Fangyong Hou; Hongjun He; Nong Xiao; Fang Liu

Protecting information against malicious disclosure and tampering is crucial to secure/trusted computing. This paper proposes a method to protect the off-chip data in symmetric shared memory multiprocessors systems. Existing techniques have flaws in either security or performance, which are mainly due to their management of cipher parameter and their deployment of hash tree. The proposed method provides data encryption and authentication through constructing a pair of (data, MAC, IV) for each data block to be protected, which can ensure data unbroken so far as the cryptographic parameter of IV is un-tampered. To solve the problem of IV management, IV is generated through chaining all the history data transferred on the system bus in time sequence; to solve the problem of hash tree deployment, it restricts hash tree into MCH and forwards IV to the processor through a safe channel. As for security, it can resist any attacks, including the intractable message-drop attack on bus and replay attack on memory. As for performance, it connects bus protection with memory protection smoothly by removing any additional data re-encryption/re-authentication from the data path, and it also eliminates additional message traffic caused by synchronizing a hash tree authentication result among processors. The experiment simulations inspect its specific realization, and the performance results show that it is an efficient way to achieve data protection for a shared memory multiprocessor system.


computer and information technology | 2010

Static, Dynamic and Incremental MAC Combined Approach for Storage Integrity Protection

Fangyong Hou; Hongjun He; Nong Xiao; Fang Liu; Guangjun Zhong

Storage systems are more distributed and more subject to attacks. One basic security requirement is to authenticate the stored data. This paper describes SDI-MAC, a static, dynamic and incremental MAC combined approach to guarantee end-to-end data integrity to clients in distributed data storage environment. SDI-MAC associates two different integrity codes to different granularities of the stored data, applies incremental conversion between the two different kinds of integrity codes, and enhances the ability of MAC based data authentication to resist against replay attack. At last, SDI-MAC can make balance among performance, cost and security. Related approach and system implementation are elaborated, as well as testing results. Theoretical analysis and experimental simulations show that it is a practical and available way to realize data authentication of network storage system.


trust security and privacy in computing and communications | 2011

Inter-Chip Authentication through I/O Character

Fangyong Hou; Nong Xiao; Hongjun He; Fang Liu

Providing resistance against hardware attacks is important to ensure trusted or secure computing. An approach of inter-chip authentication is proposed, which can be applied to detect malicious tampering with chips/components equipped on the circuit board. The proposed approach is to utilize the I/O physical timing characters to obtain a specified fingerprint for each specified chip on the board, and to check the validity of the chip by matching its fingerprint for later usage. To obtain the required fingerprint, an inner sampling logic is set after the I/O pins to get the timing characters reflected on the lines connected between the master chip and the slave chip to be verified. From the sampling result, the physical character associated with the slave chip is extracted and compared with the valid one. Because tampering will influence the physical character and distort the fingerprint, it has the ability to detect tamper behaviors like chip replacement and faked signal injection. A logic analyzer and 8051-MCU based evaluation system is constructed. The test result shows that it can effectively identify the valid chip from the faked ones. Hence, the proposed approach can be deployed into the circuit board to protect the chips equipped on the board against hardware attacks.


international conference on computer sciences and convergence information technology | 2010

Access control through self-existent mechanism

Xiaoxia Zheng; Fangyong Hou; Hongjun He; Nong Xiao

This paper proposes a security paradigm named self-existent mechanism of access control. The most distinct character is that it runs absolutely independent from the program executing environment, even without cooperation of the OS. That is to say, it has a unique structure to assure that computing is controlled under a secure mechanism that cannot be penetrated by software like viruses, Trojans and other malicious programs. This paper explains its principle, and describes how to accomplish such control over general computers. Also, this paper gives advice on the design of microprocessors to make this control mechanism work better.


computer and information technology | 2010

Efficient Encryption-Authentication of Shared Bus-Memory in SMP System

Fangyong Hou; Hongjun He; Nong Xiao; Fang Liu; Guangjun Zhong

To build a secure SMP system with resistance against physical attacks, the essential requirement is to make data encryption and data authentication for both the shared bus and the shared memory. Analysis of such problem educes that it must combine the counter mode encryption with the hash tree based authentication, and such combination must inosculate with the architecture characters of SMP system to decrease additional burdens. The protecting method mainly consists of: (1) associate each data with its MAC and IV to form a (data, MAC, IV) pair, and the un-tampered IV can ensure data to be un-broken; (2) generate IV through tracing the shared bus sequence number, to complete bus data protection; (3) check the stored IV by hash tree, to realize memory data protection; (4) build the entire hash tree into MCH, to eliminate synchronization of tree root among processors; (5) spread tree root authentication result from MCH to processors through the safeguard IV-channel, to connect bus protection and memory protection smoothly to avoid introducing any additional data re-encryption/re-authentication on data path. Other optimizing measures are also applied. Simulations inspect this method, and prove that it is an efficient way to construct SMP data protection system.


wase international conference on information engineering | 2009

Hash Tree Based Integrity Protection Appropriate for Disk

Fangyong Hou; Hongjun He; Nong Xiao

An optimized hash tree based approach is proposed here to provide disk integrity protection with fine performance and consistency. By constructing a hash tree on the protected space and creating hash tree leaf nodes from disk sectors directly, it can provide integrity with characteristics like online checking, any data protection, unified low-level mechanism and resistance against any attacks. To make performance and cost acceptable, it defines hash sub-trees corresponding to the frequently accessed disk regions as hot-access-windows to quicken integrity checking processes. At the same time, its regularity is convenient for maintaining consistency required by disk storage. Related mode and approach are elaborated, as well as testing results. Theoretical analysis and experimental simulation show that it is a practical and available way to protect disk data against tampering.

Collaboration


Dive into Hongjun He's collaboration.

Top Co-Authors

Fangyong Hou

National University of Defense Technology

Nong Xiao

National University of Defense Technology

Fang Liu

National University of Defense Technology

Guangjun Zhong

National University of Defense Technology

Yuhua Tang

National University of Defense Technology

Dawu Gu

Shanghai Jiao Tong University

Xiaoxia Zheng

Ocean University of China

Zhiguang Chen

National University of Defense Technology
