Bonsai Merkle Tree Streams: Bulk Memory Verification Unit for Trusted Program Verification System

Rios, Richard J

01 December 2024

Today, all modern computing systems are undoubtedly vulnerable to numerous types of attacks that could be targeted toward any layer of the system from dedicated hardware to highly abstracted software. Unfortunately, many devices and systems naturally contain inadequately protected components or software modules that un- dermine their security as a whole. Additionally, security is heavily variable system to system, and has a huge dependence on adequate implementation and ongoing support from device and software manufacturers. To address these various security issues in a very general way, TrustGuard, a containment security system utilizing an external device called the Sentry that would verify the activity of the host machine and control all incoming/outgoing communication accordingly, was created. To do this, Trust- Guard uses cryptographic memory protection schemes, a small trusted hardware and software base, and recomputation and checking of application behavior running on the host machine at an instruction-by-instruction granularity before allowing exter- nal communication to occur. Currently, however, the TrustGuard system only allows for one 8-byte chunk to be sent or received externally at one time, limiting overall throughput, and heavily polluting the main system caches in the case of large data transfers. To combat this limitation, This thesis proposes a system to allow for ef- ficient communication of large batches of data at once. In particular, it does so by using a small dedicated cache and efficient tree traversal techniques to asynchronously verify large chunks of program memory in stream-like fashion. This thesis primarily serves to provide a design, proof-of-concept, and collection of important information that will help future students implement such a system.

security

trustguard

merkle tree

memory integrity

Computer and Systems Architecture

Digital Communications and Networking

Hardware Systems

A Federation Of Sentries: Secure And Efficient Trusted Hardware Element Communication

Ward, Blake A

01 June 2024

Previous work introduced TrustGuard, a design for a containment architecture that allows only the result of the correct execution of approved software to be outputted. A containment architecture prevents results from malicious hardware or software from being communicated externally. At the core of TrustGuard is a trusted, pluggable device that sits on the path between an untrusted processor and the outside world. This device, called the Sentry, is responsible for validating the correctness of all communication before it leaves the system. This thesis seeks to leverage the correctness guarantees that the Sentry provides to enable efficient secure communication between two systems each protected by their own Sentry. This thesis reviews the literature for methods of enabling secure communication between two computer-Sentry pairs. It categorizes the pieces of the solution into three sections: attestation, establishing a tunnel, and communicating securely. Attestation in this context provides evidence of identity. It proposes a new configurable design for a secure network architecture, which includes a new version of the Sentry with a hardware accelerator for secure symmetric encryption, ring oscillator-based physically unclonable functions, and random number generators for attestation and key generation. These design elements are then evaluated based on how they might affect the overall system in terms of resource constraints, performance impacts, and scalability.

TrustGuard

Hardware Security

Network Security

PUF

Computer Architecture

Computer and Systems Architecture