The Community for Technology Leaders
2005 IEEE Symposium on Security and Privacy (S&P'05) (2005)
Oakland, California
May 8, 2005 to May 11, 2005
ISSN: 1081-6011
ISBN: 0-7695-2339-0
pp: 139-153
Dwaine Clarke , Massachusetts Institute of Technology, Cambridge, MA
G. Edward Suh , Massachusetts Institute of Technology, Cambridge, MA
Blaise Gassend , Massachusetts Institute of Technology, Cambridge, MA
Ajay Sudan , Massachusetts Institute of Technology, Cambridge, MA
Marten van Dijk , Massachusetts Institute of Technology, Cambridge, MA
Srinivas Devadas , Massachusetts Institute of Technology, Cambridge, MA
ABSTRACT
We present an adaptive tree-log scheme to improve the performance of checking the integrity of arbitrarily-large untrusted data, when using only a small fixed-sized trusted state. Currently, hash trees are used to check the data. In many systems that use hash trees, programs perform many data operations before performing a critical operation that exports a result outside of the program's execution environment. The adaptive tree-log scheme we present uses this observation to harness the power of the constant runtime bandwidth overhead of a log-based scheme. For all programs, the adaptive tree-log scheme's bandwidth overhead is guaranteed to never be worse than a parameterizable worst case bound. Furthermore, for all programs, as the average number of times the program accesses data between critical operations increases, the adaptive tree-log scheme's bandwidth overhead moves from a logarithmic to a constant bandwidth overhead.
INDEX TERMS
null
CITATION

S. Devadas, A. Sudan, D. Clarke, B. Gassend, M. v. Dijk and G. E. Suh, "Towards Constant Bandwidth Overhead Integrity Checking of Untrusted Data," 2005 IEEE Symposium on Security and Privacy (S&P'05)(SP), Oakland, California, 2005, pp. 139-153.
doi:10.1109/SP.2005.24
80 ms
(Ver 3.1 (10032016))