Inspection-Resistant Memory Architectures

The ability to safely keep a secret in memory is central to the vast majority of security schemes, but storing and erasing these secrets is a difficult problem in the face of an attacker who can obtain unrestricted physical access to the underlying hardware. Depending on the memory technology, the very act of storing a 1 instead of a 0 can have physical side effects measurable even after the power has been cut. These effects can't be hidden easily, and if the secret stored on chip is of sufficient value, an attacker might go to extraordinary means to learn even a few bits of that information. The architecture has an interesting role to play here. Just as one uses architectural techniques to detect and correct errors, so too can one create efficient methods to hide critical bits from physical inspection. The authors present a first step toward this goal by focusing on a backbone of any hardware system: on-chip memory. They examine the relationship between security, area, and efficiency in these architectures and quantitatively examine the resulting systems through cryptographic analysis and microarchitectural impact. In the end, they find an efficient scheme in which, even if an adversary is able to inspect the value of a stored bit with a probabilistic error of only 5 percent, the system will be able to prevent that adversary from learning any information about the original uncoded bits with 99.9999999999 percent probability.