Author(s)

Hui Lin, Gyungho Lee

.

Trusted computing allows attesting remote system’s trustworthiness based on the software stack whose integrity has been measured. However, attacker can corrupt system as well as measurement operation. As a result, nearly all integrity measurement mechanism suffers from the fact that what is measured may not be same as what is executed. To solve this problem, a novel integrity measurement called dynamic instruction trace measurement (DiT) is proposed. For DiT, processor’s instruction cache is modified to stores back instructions to memory. Consequently, it is designed as a assistance to existing integrity measurement by including dynamic instructions trace. We have simulated DiT in a full-fledged system emulator with level-1 cache modified. It can successfully update records at the moment the attestation is required. Overhead in terms of circuit area, power consumption, and access time, is less than 3% for most criterions. And system only introduces less than 2% performance overhead in average.

Integrity Measurement, Remote Attestation, Software Vulnerability, Trusted Computing

H. Lin and G. Lee, "Micro-Architecture Support for Integrity Measurement on Dynamic Instruction Trace," Journal of Information Security, Vol. 1 No. 1, 2010, pp. 1-10. doi: 10.4236/jis.2010.11001.