Based on the memory-protection method of Length discrepancy counter
Technical field
What the present invention relates to is a kind of computer safety protective method, specifically a kind of memory-protection method based on Length discrepancy counter.
Background technology
Data confidentiality refers to and stops assailant to the illegal acquisition of data and understanding, and data integrity refers to antagonism opponent active attack, and prevent information from being distorted by unwarranted, they are the important research contents in Security Architecture and storage security field.
Protected data confidentiality is mainly by encryption, and encryption method is mainly divided into symmetric key cryptography and asymmetric-key encryption method.The former encryption and decryption use identical secret key; The latter's encryption and decryption use different secret key, i.e. side's PKI, side's private key.Symmetric key cryptography is divided into stream encryption and block encryption, stream encryption take position as the base unit encrypted, by key stream and expressly by turn XOR (XOR) obtain ciphertext, typical stream encryption method is numbering directory (OTP, the one-time pad) encryption of one-time pad; The latter is encrypted in units of data block, the pattern of canonical blocks enciphered method has electronic code book (ECB, electronic codebook), cryptographic block chain (CBC, Cipher Block Chaining) sum counter pattern (counter mode) encryption etc.Counter mode encryption is that the counter generation counter safeguarded by CPU carrys out encrypted data chunk, with AES (Advanced EncryptionStandard) for the ciphering process of crypto engine is: when new generation or Update Table block, counter+1, by its with data block address etc. information carry out AES encryption with the symmetric key of maintaining secrecy in CPU after being connected, generate the pad of encryption, obtain ciphertext by after capable for pad and cache XOR again, finally ciphertext and counter are kept in internal memory; From internal memory, take out counter during deciphering and and the information such as data block address is connected, with CPU private spoon, AES encryption is carried out again to it, starts from interior access ciphertext simultaneously, when AES encryption with get after ciphertext all completes, pad and ciphertext XOR is obtained the capable plaintext of cache.The mode directly to data encryption such as relative ECB and CBC, counter mode encryption can hide decryption latency, is the main stream approach of encrypting at present, applies wider, but the method requires that each data block has unique counter value, and this wants the primary memory space of at substantial.The mechanism of some protected storage integralities also applies counter mode encryption.
Summary of the invention
The object of the present invention is to provide and a kind ofly reduce the main memory expense of preserving required for counter, reduce the memory-protection method based on Length discrepancy counter of the possibility of spilling simultaneously.
The object of the present invention is achieved like this:
Carry out data encryption based on counter mode encryption, carry out the length of dynamic conditioning counter according to internal storage access frequency, when memory block access frequency height, increase counter length; When memory block access frequency is low, reduce counter length; Realize the storage protection mechanism based on Length discrepancy counter, have three main process: initialization, data block read-write and data page migration;
(1) initialization
In internal memory, mark off hot-zone and non-thermal region, what hot-zone was preserved is the data block and corresponding counter that access frequency is high; Non-thermal region preserves the low block of access frequency and corresponding counter; For each page in internal memory arranges a local counters, when the block in page often writes one time, corresponding counter adds 1;
(2) data block read-write
Data block read-write will carry out encryption and decryption, and encryption mode is based on counter mode encryption; When the new cache produced is capable write back internal memory time, non-thermal region be write; When amended data block is write back internal memory, write the district of its reading, that is: read from non-thermal region, then write non-thermal region, read from hot-zone, then write hot-zone;
(3) data page migration
Data page migrates into hot-zone and to move out non-thermal region two processes, safeguard within a processor a structure add up each page write back frequency, and the threshold value of moving into is set, threshold value be artificial setting write back frequency; When page in non-thermal region write back frequency reach threshold value time, move into; When space, hot-zone is full, the page will being selected to write back frequency minimum in hot-zone before moving into is moved out.
The counter length of described hot-zone is long, and the counter length of described non-thermal region is short, and hot-zone and non-thermal region have different keys.
The principal feature of method of the present invention is as follows:
(1) expense storing counter is less.Because although counter is longer in hot-zone, hot-zone accounts for that the whole ratio of memory headroom of will protecting is very little, and most of space is non-thermal region, and counter is wherein shorter, and therefore the main memory expense of counter is less generally.
(2) number of times of counter spilling is less.The block higher because of access frequency is all moved to hot-zone, and by local access's characteristic of program, within certain period, most access concentrates on hot-zone, and the counter nominal growth of hot-zone is very fast, but counter length long enough, be not easy to overflow; Data block access times simultaneously outside hot-zone are less, and the counter of non-thermal region increases comparatively slow, though therefore short being also not easy of counter is overflowed.
Accompanying drawing explanation
Fig. 1 is Length discrepancy counter protection mechanism structural drawing;
Fig. 2 Length discrepancy counter protection mechanism is moved into process;
Fig. 3 Length discrepancy counter protection mechanism is moved out process.
Embodiment
Composition graphs 1.Figure middle and upper part is processor, it is confidence region, can prevent software and hardware from attacking, have the parts such as processor core, L2-cache, crypto engine and counter in processor, figure bottom is internal memory, it is suspected region, may be subject to hardware attack, and it comprises non-thermal region and hot-zone, there is multiple page (Page) in each district, page has multiple ciphertext blocks (EB) and Counter Value (ctr or ctr '), and hot-zone takes up space little, and ctr is long; Non-thermal region takes up space greatly, and ctr is short.
Composition graphs 2.The Counter Value (ctr) of page and correspondence is read from non-thermal region; By non-thermal region secret key, counter mode deciphering is carried out to page and obtain Plaintext block; The counter (C) of hot-zone generates refresh counter value (ctr ') to Plaintext block each in page; By the encryption seed of hot-zone secret key, ctr ' and addr composition, counter mode encryption is carried out to Plaintext block; Page will be encrypted and ctr ' is mapped to hot-zone.
Composition graphs 3.The Counter Value (ctr ') of page and correspondence is read from hot-zone; By hot-zone secret key, counter mode deciphering is carried out to page and obtain Plaintext block; The counter of non-thermal region (C ') refresh counter value (ctr) is generated to Plaintext block each in page; By the encryption seed of non-thermal region secret key, ctr and addr composition, counter mode encryption is carried out to Plaintext block; Encryption page and ctr are mapped to non-thermal region.