%0 Conference Paper
%B Proc. Workshop on Cryptographic Hardware and Embedded Systems (CHES 2007)
%D 2007
%T TEC-Tree: A Low Cost, Parallelizable Tree for Efficient Defense against Memory Replay Attacks
%A Elbaz, Reouven
%A Champagne, David
%A Lee, Ruby
%A Torres, Lionel
%A Sassatelli, Gilles
%A Guillemin, Pierre
%C Vienna, Austria
%P 289-302
%X Replay attacks are often the most costly attacks to thwart when dealing with off-chip memory integrity. With a trusted System-on-Chip, the   existing countermeasures against replay require a large amount of on-chip memory to provide tamper-proof storage for metadata such as hash values or nonces. Tree-based strategies can be deployed to reduce this unacceptable overhead; for example, the well-known Merkle tree technique decreases this overhead to a single hash value. However, it comes at the cost of performance-killing characteristics for embedded systems ? e.g. non-parallelizable hash computations on tree updates. In this paper, we propose an alternative solution: the Tamper-Evident Counter Tree (TEC-Tree). It allows for tamper-evident off-chip storage of the nonces involved in a replay countermeasure; TEC-Tree parallelizes the computations involved in both the authentication and tree update processes. Moreover, because our tree relies on block encryption, it provides data confidentiality at no extra cost. TEC-Tree is a deployable solution for memory integrity, with low performance hit and hardware cost.
%Z Lecture Notes in Computer Science (LNCS) Volume 4727
%8 September 2007