Paper 2015/831

M-MAP: Multi-Factor Memory Authentication for Secure Embedded Processors

Syed Kamran Haider, Masab Ahmad, Farrukh Hijaz, Astha Patni, Ethan Johnson, Matthew Seita, Omer Khan, and Marten van Dijk


The challenges faced in securing embedded computing systems against multifaceted memory safety vulnerabilities have prompted great interest in the development of memory safety countermeasures. These countermeasures either provide protection only against their corresponding type of vulnerabilities, or incur substantial architectural modifications and overheads in order to provide complete safety, which makes them infeasible for embedded systems. In this paper, we propose M-MAP: a comprehensive system based on multi-factor memory authentication for complete memory safety, inspired by everyday user authentication factors. We examine certain crucial theoretical and practical implications of composing memory integrity verification and bounds checking protection schemes in a comprehensive system. Based on these implications, we implement M-MAP with hardware based memory integrity verification and software based bounds checking to achieve a balance between hardware modifications and performance. We demonstrate that M-MAP implemented on top of a lightweight out-of-order processor delivers complete memory safety with only $32\%$ performance overhead on average, and incurs minimal hardware modifications and area overhead.

Note: This is an extended version of the M-MAP paper published as a poster paper in IEEE International Conference on Computer Design, 2015.

Available format(s)
Publication info
Published elsewhere. Major revision. IEEE International Conference on Computer Design, 2015
Secure ProcessorMemory SafetyAuthenticationMemory IntegrityBounds Checking
Contact author(s)
syed haider @ engr uconn edu
2015-08-26: received
Short URL
Creative Commons Attribution


      author = {Syed Kamran Haider and Masab Ahmad and Farrukh Hijaz and Astha Patni and Ethan Johnson and Matthew Seita and Omer Khan and Marten van Dijk},
      title = {M-MAP: Multi-Factor Memory Authentication for Secure Embedded Processors},
      howpublished = {Cryptology ePrint Archive, Paper 2015/831},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.