Securing Data Where It Makes Sense: In-Memory Encryption

Tolga YALÇIN (Northern Arizona University, School of Informatics, Computing, and Cyber Systems, Flagstaff, AZ, USA)
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE
1 0
Yıl: 2020 Cilt: 9 Sayı: 2 Sayfa Aralığı: 126 - 139 Metin Dili: İngilizce İndeks Tarihi: 24-11-2020

Securing Data Where It Makes Sense: In-Memory Encryption

Öz:
Memory encryption has been an active research area in the recent decade. While the initial focus was on securingdata in pervasive applications, recent efforts by Intel and AMD has brought memory encryption to general purpose processors aswell. This has been mainly due to new threat models which necessitated securing real-time OS data inside RAM. The existingapproaches use dedicated crypto engines that act as a buffer between the memory and the processor. In this study, we propose anovel approach where we combine a new paradigm in computing, in-memory processing, and cryptography to secure data insidethe memory. We propose an in-memory encryption engine capable of utilizing processing capabilities of dynamic random accessmemories. We demonstrate the viability and efficiency of our proposal by implementing NSA cipher SIMON on our engine andshow that encryption of a 1 Gb DRAM module can be completed in under 20 ms.
Anahtar Kelime:

Belge Türü: Makale Makale Türü: Araştırma Makalesi Erişim Türü: Erişime Açık
  • [1] A. Rubini and J. Corbet. Linux device drivers (nutshell handbooks), 1998.
  • [2] D. Gruss, et al. Page cache attacks. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pages 167–180, 2019.
  • [3] D. Farmer and W. Venema. Forensic discovery. Addison-Wesley Professional, 2009.
  • [4] J. A. Halderman, et al. Lest we remember: cold-boot attacks on encryption keys. Communications of the ACM, 52(5):91–98, 2009.
  • [5] R. Carbone, et al. An in-depth analysis of the cold boot attack. DRDC Valcartier, Defence Research and Development, Canada, Tech. Rep, 2011.
  • [6] A. Matrosov, E. Rodionov and S. Bratus. Rootkits and bootkits: reversing modern malware and next generation threats. No Starch Press, 2019.
  • [7] F. McKeen, et. al. Intel® software guard extensions (intel® sgx) support for dynamic memory management inside an enclave. In Proceedings of the Hardware and Architectural Support for Security and Privacy 2016, pages 1–9. 2016.
  • [8] D. Kaplan. {AMD} x86 memory encryption technologies. 2016.
  • [9] V. Rijmen and J. Daemen. Advanced encryption standard. Proceedings of Federal Information Processing Standards Publications, National Institute of Standards and Technology, pages 19–22, 2001.
  • [10] V. Seshadri, et al.Ambit: In-memory accelerator for bulk bitwise operations using commodity dram technology. In 2017 50th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO), pages 273–287. IEEE, 2017.
  • [11] R. Beaulieu, et al.and Louis Wingers. The simon and speck lightweight block ciphers. In Proceedings of the 52nd Annual Design Automation Conference, pages 1–6, 2015.
  • [12] B. Jacob, D. Wang and S. Ng. Memory systems: cache, DRAM, disk. Morgan Kaufmann, 2010.
  • [13] K. Itoh. VLSI memory chip design, volume 5. Springer Science & Business Media, 2013.
  • [14] V. Seshadri. Simple dram and virtual memory abstractions to enable highly efficient memory systems. arXiv preprint arXiv:1605.06483, 2016.
  • [15] V. Seshadri, et al. Rowclone: fast and energy-efficient in-dram bulk data copy and initialization. In Proceedings of the 46th Annual IEEE/ACM International Symposium on Microarchitecture, pages 185–197, 2013.
  • [16] J. Hennessy and D. Patterson. Computer architecture: a quantitative approach. Elsevier, 2011.
  • [17] S. Mangard, E. Oswald and T. Popp. Power analysis attacks: Revealing the secrets of smart cards, volume 31. Springer Science & Business Media, 2008.
  • [18] N. Pramstaller, S. Mangard, S. Dominikus and J. Wolkerstorfer. Efficient aes implementations on asics and fpgas. In International Conference on Advanced Encryption Standard, pages 98–112. Springer, 2004.
  • [19] M. Xie, et al.Securing emerging nonvolatile main memory with fast and energy-efficient aes in-memory implementation. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 26(11):2443–2455, 2018.
  • [20] S. Angizi, Z. He and D. Fan. Pima-logic: a novel processingin-memory architecture for highly flexible and energy-efficient logic computation. In Proceedings of the 55th Annual Design Automation Conference, pages 1–6, 2018.
  • [21] S. Angizi, Z. He, A. Awad and D. Fan. Mrima: an mram-based in-memory accelerator. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2019.
  • [22] A. Lee and K.-L. Wang. Full memory encryption with magnetoelectric in-memory computing. In 2019 International Symposium on VLSI Technology, Systems and Application (VLSI-TSA), pages 1–2. IEEE, 2019.
  • [23] X. Huang. Construction on embedded real-time operating system of computer. In 2015 2nd International Conference on Electrical, Computer Engineering and Electronics. Atlantis Press, 2015.
  • [24] M. R. Albrecht, et al. Block ciphers–focus on the linear layer (feat. pride). In Annual Cryptology Conference, pages 57–76. Springer, 2014.
APA Yalcin T (2020). Securing Data Where It Makes Sense: In-Memory Encryption. , 126 - 139.
Chicago Yalcin Tolga Securing Data Where It Makes Sense: In-Memory Encryption. (2020): 126 - 139.
MLA Yalcin Tolga Securing Data Where It Makes Sense: In-Memory Encryption. , 2020, ss.126 - 139.
AMA Yalcin T Securing Data Where It Makes Sense: In-Memory Encryption. . 2020; 126 - 139.
Vancouver Yalcin T Securing Data Where It Makes Sense: In-Memory Encryption. . 2020; 126 - 139.
IEEE Yalcin T "Securing Data Where It Makes Sense: In-Memory Encryption." , ss.126 - 139, 2020.
ISNAD Yalcin, Tolga. "Securing Data Where It Makes Sense: In-Memory Encryption". (2020), 126-139.
APA Yalcin T (2020). Securing Data Where It Makes Sense: In-Memory Encryption. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE, 9(2), 126 - 139.
Chicago Yalcin Tolga Securing Data Where It Makes Sense: In-Memory Encryption. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE 9, no.2 (2020): 126 - 139.
MLA Yalcin Tolga Securing Data Where It Makes Sense: In-Memory Encryption. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE, vol.9, no.2, 2020, ss.126 - 139.
AMA Yalcin T Securing Data Where It Makes Sense: In-Memory Encryption. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE. 2020; 9(2): 126 - 139.
Vancouver Yalcin T Securing Data Where It Makes Sense: In-Memory Encryption. INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE. 2020; 9(2): 126 - 139.
IEEE Yalcin T "Securing Data Where It Makes Sense: In-Memory Encryption." INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE, 9, ss.126 - 139, 2020.
ISNAD Yalcin, Tolga. "Securing Data Where It Makes Sense: In-Memory Encryption". INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE 9/2 (2020), 126-139.
Sayfa Oluşturulma Tarihi
17-04-2024 17:20

İLETİŞİM

TÜBİTAK ULAKBİM TR Dizin

Yüzüncüyıl, İşçi Blokları Mahallesi

Muhsin Yazıcıoğlu Caddesi No:51/C

06530 Çankaya / ANKARA +90 (312) 298 92 00

trdizin@tubitak.gov.tr

TÜBİTAK ULAKBİM Ulusal Akademik Ağ ve Bilgi Merkezi Cahit Arf Bilgi Merkezi © Tüm Hakları Saklıdır. Gizlilik Politikası Kullanım Şartları