Securing Data Where It Makes Sense: In-Memory Encryption

Volume: 9 Number: 2 June 1, 2020
  • Tolga Yalcin

Abstract

Memory encryption has been an active research area over the past decade. While the initial focus was on securing data in pervasive applications, recent efforts by Intel and AMD have brought memory encryption to general-purpose processors as well. This has been mainly due to new threat models that necessitate securing real-time OS data inside RAM. The existing approaches use dedicated crypto engines that act as a buffer between the memory and the processor. In this study, we propose a novel approach that combines a new computing paradigm, in-memory processing, with cryptography to secure data inside the memory. We propose an in-memory encryption engine capable of utilizing the processing capabilities of dynamic random access memories. We demonstrate the viability and efficiency of our proposal by implementing the NSA cipher SIMON on our engine and show that encryption of a 1 Gb DRAM module can be completed in under 20 ms.

Details

Primary Language

English

Authors

Tolga Yalcin

Publication Date

June 1, 2020

Published in Issue

Year 2020 Volume: 9 Number: 2

APA
Yalcin, T. (2020). Securing Data Where It Makes Sense: In-Memory Encryption. International Journal of Information Security Science, 9(2), 126-139. https://izlik.org/JA46NC96LS