ORCID

0000-0003-3213-4639

Keywords

Bonsai Merkle Tree, Integrity, Secure-Memory, FPGA, Dataflow, Authentication

Abstract

The use of secure-memory has been crucial for embedded and heterogeneous computing systems, especially in the light of emerging memory adversaries. The state-of-the-art hardware platforms targeting different sectors such as Internet-of-Things (IoT) and cloud computing require strong protection against memory exploits through different side-channel attacks. Such a tamper-resistant memory system comprises different security techniques such as encryption and integrity protection. Generally, the integrity protection against the adversarial attacks in secure-memory platforms relies on integrity trees such as the Bonsai Merkle Tree (BMT). However, the highly-recursive authentication and update algorithms associated with such tree structures are challenging to implement in heterogeneous systems with domain-specific acceleration (such as FPGA) for secure-memory. In the scope of this dissertation, we talk about four research works that highlight novel algorithmic, microarchitectural and logic design techniques for high-performance integrity authentication processes in secure-memory platforms. The first work focuses on hardware-efficient verification of the memory integrity with lazy-update BMT on an FPGA-based secure embedded system. It proposes an innovative partitioned parallel cache structure that leverages the unique reconfigurable capability of modern FPGA devices and successfully circumvents the hardware implementation challenges due to the recursiveness in lazy-update methods. The second work, HMT, is a hardware-friendly BMT algorithm that enables the verification and update processes to function independently. The HMT algorithm is hardware-targeted, parallel and it relaxes the update depending on BMT cache hit but makes the update conditions more flexible compared to lazy update. The third work, OMT, devises a run-time adaptive and unified BMT framework that can protect both volatile and non-volatile memory systems with optimal performance. Finally, CTR+ introduces a novel metadata access scheme to ensure significant BMT overhead reduction through speculative verification and concurrent secure computation.

Completion Date

2025

Semester

Spring

Committee Chair

Lin, Mingjie

Degree

Doctor of Philosophy (Ph.D.)

College

College of Engineering and Computer Science

Department

Department of Electrical & Computer Engineering

Identifier

DP0029392

Document Type

Dissertation/Thesis

Campus Location

Orlando (Main) Campus

Download

Share

COinS