Merkle tree is a widely used tree structure for authentication of data/metadata in a secure computing system. Recent state-of-the art secure systems use a smaller-sized MT, namely Bonsai Merkle Tree (BMT) to protect the metadata such as encryption counters. Common BMT algorithms were designed for traditional Von Neumann architectures with a software-centric implementation in mind, hence they use a lot of recursions and are often sequential in nature. However, the modern heterogeneous computing platforms employing Field-Programmable Gate Array (FPGA) devices require concurrency-focused algorithms to fully utilize the versatility and parallel nature of such systems. Our goal for this work is to introduce HMT, a hardware-friendly BMT algorithm that enables the verification and update processes to function independently and provides the benefits of relaxed update while being comparable to eager update in terms of update complexity. The methodology of HMT contributes both novel algorithm revisions and innovative hardware techniques to implementing BMT. We introduce a hybrid BMT algorithm that is hardware-targeted, parallel and relaxes the update depending on BMT cache hit but makes the update conditions more flexible compared to lazy update to save additional write-backs. Deploying this new algorithm, we have designed a new BMT controller with a dataflow architecture, speculative buffers and parallel write-back engines that allows for multiple concurrent relaxed authentication. Our empirical performance measurements have demonstrated that HMT can achieve up to 7x improvement in bandwidth and 4.5x reduction in latency over baseline in subsystem level tests. In a real secure-memory system on a Xilinx U200 accelerator FPGA, HMT exhibits up to 14\% faster execution in standard benchmarks compared to state-of-the art BMT solution on FPGA.

翻译：默克尔树是安全计算系统中广泛用于数据/元数据认证的树结构。当前最先进的安全系统采用更小规模的默克尔树——即盆景默克尔树（BMT）——来保护加密计数器等元数据。通用BMT算法是为传统冯·诺依曼架构设计的，其实现以软件为中心，因此大量使用递归且本质上是顺序执行的。然而，采用现场可编程门阵列（FPGA）设备的现代异构计算平台需要以并发为核心的算法，以充分利用此类系统的灵活性与并行特性。本研究的目标是提出HMT——一种硬件友好的BMT算法，它使验证与更新过程能够独立运行，在保持与急切更新相近的更新复杂度的同时，提供放松更新的优势。HMT的方法论在算法层面贡献了新颖的修订方案，在硬件层面引入了创新的技术实现BMT。我们提出了一种面向硬件的混合BMT算法，该算法具有并行特性，并根据BMT缓存命中情况放松更新条件，同时使更新条件相比惰性更新更为灵活以节省额外写回操作。基于这一新算法，我们设计了具有数据流架构、推测缓冲区和并行写回引擎的新型BMT控制器，支持多个并发的放松认证。实验性能测量表明，HMT在子系统级测试中可实现高达7倍的带宽提升和4.5倍的延迟降低。在基于Xilinx U200加速器FPGA的真实安全内存系统中，HMT在标准基准测试中的执行速度相比当前最先进的FPGA BMT方案提升高达14%。