Architectural Support for Mitigating Row Hammering in DRAM Memories

Kim, Dae-Hyun; Nair, Prashant J.; Qureshi, Moinuddin K.

doi:10.1109/lca.2014.2332177

Cited by 98 publications

(68 citation statements)

References 6 publications

(10 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, stronger ECC is very likely required to correct RowHammer errors, which comes at the cost of additional energy, performance, cost, and DRAM capacity overheads. 4 Alternatively, the sixth solution described above, i.e., accurately identifying a row as a hammered row requires keeping track of access counters for a large number of rows in the memory controller [120], potentially leading to very large hardware area and power consumption, and performance, overheads.…”

Section: B Defenses Against Rowhammermentioning

confidence: 99%

RowHammer: A Retrospective

Mutlu

Kim

2020

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

154

129

View full text Add to dashboard Cite

This retrospective paper describes the RowHammer problem in Dynamic Random Access Memory (DRAM), which was initially introduced by Kim et al. at the ISCA 2014 conference [133]. RowHammer is a prime (and perhaps the first) example of how a circuit-level failure mechanism can cause a practical and widespread system security vulnerability. It is the phenomenon that repeatedly accessing a row in a modern DRAM chip causes bit flips in physically-adjacent rows at consistently predictable bit locations. RowHammer is caused by a hardware failure mechanism called DRAM disturbance errors, which is a manifestation of circuit-level cell-to-cell interference in a scaled memory technology.Researchers from Google Project Zero demonstrated in 2015 that this hardware failure mechanism can be effectively exploited by user-level programs to gain kernel privileges on real systems. Many other follow-up works demonstrated other practical attacks exploiting RowHammer. In this article, we comprehensively survey the scientific literature on RowHammer-based attacks as well as mitigation techniques to prevent RowHammer. We also discuss what other related vulnerabilities may be lurking in DRAM and other types of memories, e.g., NAND flash memory or Phase Change Memory, that can potentially threaten the foundations of secure systems, as the memory technologies scale to higher densities. We conclude by describing and advocating a principled approach to memory reliability and security research that can enable us to better anticipate and prevent such vulnerabilities.

show abstract

Section: B Defenses Against Rowhammermentioning

confidence: 99%

RowHammer: A Retrospective

Mutlu

Kim

2020

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

154

129

View full text Add to dashboard Cite

show abstract

“…The underlying principle of side channel attack is that side channel information such as power consumption, electromagnetic leaks, timing information, or even sound can provide extra sources of information about secrets in cryptographic systems, for example, cryptographic keys, partial state information, full or partial plain texts, which can be exploited to break the cryptographic systems. General classes of side channel attack include timing analysis [31], power analysis [32], electromagnetic analysis [33], fault analysis [34], acoustic cryptanalysis [35], data remanence analysis [36], and row hammer analysis attacks [37].…”

Section: Side Channel Attack Considerationsmentioning

confidence: 99%

Under Quantum Computer Attack: Is Rainbow a Replacement of RSA and Elliptic Curves on Hardware?

2018

Security and Communication Networks

View full text Add to dashboard Cite

Among cryptographic systems, multivariate signature is one of the most popular candidates since it has the potential to resist quantum computer attacks. Rainbow belongs to the multivariate signature, which can be viewed as a multilayer unbalanced OilVinegar system. In this paper, we present techniques to exploit Rainbow signature on hardware meeting the requirements of efficient high-performance applications. We propose a general architecture for efficient hardware implementations of Rainbow and enhance our design in three directions. First, we present a fast inversion based on binary trees. Second, we present an efficient multiplication based on compact construction in composite fields. Third, we present a parallel solving system of linear equations based on GaussJordan elimination. Via further other minor optimizations and by integrating the major improvement above, we implement our design in composite fields on standard cell CMOS Application Specific Integrated Circuits (ASICs). The experimental results show that our implementation takes 4.9 us and 242 clock cycles to generate a Rainbow signature with the frequency of 50 MHz. Comparison results show that our design is more efficient than the RSA and ECC implementations.

show abstract

“…There are two main hardware approaches to mitigate wordline crosstalk in DRAM. The first relies on a random number generator [24,25] in the memory controller to probabilistically refresh accessed rows [26]. Although the idea behind this approach is simple, it results in an early refresh of rows that can be potentially affected by crosstalk [15], as well as unnecessary row refreshing in the absence of hot rows.…”

Section: Introductionmentioning

confidence: 99%

“…However, having one counter per row induces a significant area and power overhead to the memory system. To prevent this high cost, row activation counters can be stored in a reserved area of the main memory and a dedicated on-chip countercache can be used to minimize the performance penalty of retrieving counter values from main memory [26].…”

Section: Introductionmentioning

confidence: 99%

“…A hardware approach to alleviate wordline crosstalk is for each DRAM access to refresh the victim rows adjacent to the accessed row based on a probability function [26]. In this probabilistic approach, called PRA (Probabilistic Row Activation), the memory controller uses a Pseudo-Random Number Generator with a given probability (α) to determine when the memory controller should issue a refresh signal to refresh the two rows adjacent to the accessed row.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation