ECP: Coprocessor Architecture to Protect Program Logic Consistency

IF 1.7 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Journal of Software-Evolution and Process Pub Date : 2025-04-23 DOI:10.1002/smr.70023

Yang Gao, Siqi Lu, Yongjuan Wang, Haopeng Fan, Qingdi Han, Jingsheng Li

{"title":"ECP: Coprocessor Architecture to Protect Program Logic Consistency","authors":"Yang Gao, Siqi Lu, Yongjuan Wang, Haopeng Fan, Qingdi Han, Jingsheng Li","doi":"10.1002/smr.70023","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>Contemporary program protection methods focus on safeguarding either program generation, storage, or execution; however, no unified protection strategy exists for ensuring the security of a full program lifecycle. In this study, we combine the static security of program generation with the dynamic security of process execution and propose a novel program logic consistency security property. An encryption core processing (ECP) architecture is presented that provides coprocessor solutions to protect the program logic consistency at the granularity of instructions and data flows. The new authenticated encryption mode in the architecture uses the offset value of the program's instructions and data in relation to the segment-based address as its encryption parameters. Lightweight cryptographic primitives are adopted to ensure that the hardware burden added by the ECP is limited, especially under <span></span><math>\n <semantics>\n <mrow>\n <mo>×</mo>\n </mrow>\n <annotation>$$ \\times $$</annotation>\n </semantics></math>64 architectures. We prove that the proposed scheme in the ECP architecture satisfies indistinguishability under chosen plaintext attack and demonstrate the effectiveness of the architecture against various attacks. Additionally, a theoretical performance analysis is provided for estimating the overhead introduced by the ECP architecture.</p>\n </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 4","pages":""},"PeriodicalIF":1.7000,"publicationDate":"2025-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Software-Evolution and Process","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/smr.70023","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

Contemporary program protection methods focus on safeguarding either program generation, storage, or execution; however, no unified protection strategy exists for ensuring the security of a full program lifecycle. In this study, we combine the static security of program generation with the dynamic security of process execution and propose a novel program logic consistency security property. An encryption core processing (ECP) architecture is presented that provides coprocessor solutions to protect the program logic consistency at the granularity of instructions and data flows. The new authenticated encryption mode in the architecture uses the offset value of the program's instructions and data in relation to the segment-based address as its encryption parameters. Lightweight cryptographic primitives are adopted to ensure that the hardware burden added by the ECP is limited, especially under $\times$ 64 architectures. We prove that the proposed scheme in the ECP architecture satisfies indistinguishability under chosen plaintext attack and demonstrate the effectiveness of the architecture against various attacks. Additionally, a theoretical performance analysis is provided for estimating the overhead introduced by the ECP architecture.

Abstract Image

查看原文本刊更多论文

保护程序逻辑一致性的协处理器架构

当代程序保护方法侧重于保护程序的生成、存储或执行；然而，没有统一的保护策略来确保整个程序生命周期的安全性。本文将程序生成的静态安全性与进程执行的动态安全性相结合，提出了一种新的程序逻辑一致性安全特性。提出了一种加密核心处理（ECP）体系结构，提供了协处理器解决方案，以保护指令和数据流粒度上的程序逻辑一致性。该体系结构中新的身份验证加密模式使用程序指令和数据相对于基于段的地址的偏移值作为其加密参数。采用轻量级加密原语来确保ECP增加的硬件负担是有限的，特别是在x $$ \times $$ 64体系结构下。我们证明了该方案在ECP体系结构中满足选择明文攻击下的不可区分性，并证明了该体系结构对各种攻击的有效性。此外，对ECP体系结构引入的开销进行了理论性能分析。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Software-Evolution and Process COMPUTER SCIENCE, SOFTWARE ENGINEERING-

自引率

10.00%

发文量

109