Architectural support for high speed protection of memory integrity and confidentiality in multiprocessor systems

Recently there is a growing effort in both the architecture and the security community to create a hardware solution for authenticating system memory. As shown in the previous work, hardware-based memory authentication becomes a vital component for creating future trusted computing environments and digital rights protection. Almost all these prior work have focused on authenticating memory exclusively owned by a single processing element. However, in today´s computing platforms, memory is often shared by multiple processing elements that support a shared system memory with a snooping cache coherence protocol. Authenticating shared memory is a new challenge to memory protection. In this paper, we present a secure and fast architecture for authenticating shared memory. In terms of incorporating memory authentication into the processor pipeline, we propose a new scheme called authentication speculative execution. Unlike the prior approaches, our scheme does not compromise security for performance. The novel ASE scheme is not only secure as it is combined with a onetime-pad (OTP) based memory encryption but also efficient to tolerate authentication latency by executing unauthenticated instructions speculatively. Results using modified RSIM running SPLASH2 benchmark show only 5% overhead in performance on dual and quad processor platforms. Furthermore, ASE shows 80% better performance on average over conservative nonspeculative execution based authentication schemes. The scheme is of practical use for both multiprocessor systems and uni-processor systems where memory is shared by one main processor and other co-processors on the system bus.