M-TREE: A high efficiency security architecture for protecting integrity and privacy of software

Secure processor architectures enable new sets of applications such as commercial grid computing, software copy protection and secure mobile agents by providing secure computing environments that are immune to both physical and software attacks. Despite a number of secure processor designs have been proposed, they typically made trade-offs between security and efficiency. This article proposes a new secure processor architecture called M-TREE, which offers a significant performance gain while without compromising security. The M-TREE architecture uses a novel hierarchical Message Authentication Code Tree (MACTree) for protecting applications’ integrity at a minimal performance overhead. M-TREE also introduces a new one-time-pad class encryption mechanism that accelerates security computation over the existing block cipher-based schemes with high security guarantee. Based on the results of our performance simulations the performance overhead of the M-TREE integrity check mechanism is as small as 14% in the worst case, a substantial improvement over the 60% slowdown reported by previously proposed techniques. Meanwhile, the overhead of M-TREE encryption scheme is approximately 30%, compared to 50% of using block cipher encryption. In overall, our M-TREE architecture can provide a tamper-resistant and tamper-evident computing environment with low-performance impact, thereby offering a transparent and practical security computing platform.