Niccolò Izzo, Alessandro Barenghi, L. Breveglieri, Gerardo Pelosi, P. Amato
{"title":"A secure and authenticated host-to-memory communication interface","authors":"Niccolò Izzo, Alessandro Barenghi, L. Breveglieri, Gerardo Pelosi, P. Amato","doi":"10.1145/3310273.3323401","DOIUrl":null,"url":null,"abstract":"Emerging non-volatile memories (NVMs) have the potential to change the memory-storage hierarchy in computing devices, and even to replace DRAM as main memories. In fact NVMs, beside offering byte-addressability and data persistence, promise better scalability and higher capacity than DRAM. However, from a security point of view, the persistent nature of emerging memories provides a larger time window to exfiltrate data from a device with respect to current DRAM-based main memories, and NVMs have in general lower write endurance than DRAM, thus requiring wear-out conscious encryption schemes. In this work we propose an architectural solution to secure non-volatile emerging memories, providing confidentiality, integrity and authenticity to the entire set of data, addresses and commands. Our solution relies on securing and authenticating the entire information transport between the host controller and the memory, enabling the storage of cleartext data inside the NVM. Such an approach allows to retain the advantage of differential write strategies without forsaking security. We validate our proposed architecture through the simulation of a set of software benchmarks on an embedded architecture, employing the gem5 trace-based architectural simulator.","PeriodicalId":431860,"journal":{"name":"Proceedings of the 16th ACM International Conference on Computing Frontiers","volume":"516 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 16th ACM International Conference on Computing Frontiers","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3310273.3323401","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Emerging non-volatile memories (NVMs) have the potential to change the memory-storage hierarchy in computing devices, and even to replace DRAM as main memories. In fact NVMs, beside offering byte-addressability and data persistence, promise better scalability and higher capacity than DRAM. However, from a security point of view, the persistent nature of emerging memories provides a larger time window to exfiltrate data from a device with respect to current DRAM-based main memories, and NVMs have in general lower write endurance than DRAM, thus requiring wear-out conscious encryption schemes. In this work we propose an architectural solution to secure non-volatile emerging memories, providing confidentiality, integrity and authenticity to the entire set of data, addresses and commands. Our solution relies on securing and authenticating the entire information transport between the host controller and the memory, enabling the storage of cleartext data inside the NVM. Such an approach allows to retain the advantage of differential write strategies without forsaking security. We validate our proposed architecture through the simulation of a set of software benchmarks on an embedded architecture, employing the gem5 trace-based architectural simulator.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
