STASH: SecuriTy Architecture for Smart Hybrid Memories

Swami, Shivam; Rakshit, Joydeep; Mohanram, Kartik

doi:10.1109/dac.2018.8465885

Cited by 2 publications

(1 citation statement)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…All off-chip devices, including main memory and memory bus, are considered vulnerable to both passive (snooping) and active (tampering) attacks. These assumptions are essential to secure processor architecture [9], [15], [48], [50], [53], [56], [57].…”

Section: Background and Related Work A Threat Modelmentioning

confidence: 99%

Streamlining Integrity Tree Updates for Secure Persistent Non-Volatile Memory

Freij¹,

Yuan²,

Zhou³

et al. 2020

Preprint

View full text Add to dashboard Cite

Emerging non-volatile main memory (NVMM) is rapidly being integrated into computer systems. However, NVMM is vulnerable to potential data remanence and replay attacks.Established security models including split counter mode encryption and Bonsai Merkle tree (BMT) authentication have been introduced against such data integrity attacks. However, these security methods are not readily compatible with NVMM. Recent works on secure NVMM pointed out the need for data and its metadata, including the counter, the message authentication code (MAC), and the BMT to be persisted atomically. However, memory persistency models have been overlooked for secure NVMM, which is essential for crash recoverability.In this work, we analyze the invariants that need to be ensured in order to support crash recovery for secure NVMM. We highlight that prior research has substantially under-estimated the cost of BMT persistence and propose several optimization techniques to reduce the overhead of atomically persisting updates to BMTs. The optimizations proposed explore the use of pipelining, out-of-order writes, and update coalescing while conforming to strict or epoch persistency models respectively. We evaluate our work and show that our proposed optimizations significantly reduce the performance overhead of secure NVMM with crash recoverability.

show abstract