Defending against attacks on main memory persistence

William Enck, Kevin Butler, Thomas Richardson, Patrick Drew McDaniel, Adam Davison Smith

Research output: Contribution to journalConference article

18 Citations (Scopus)

Abstract

Main memory contains transient information for all resident applications. However, if memory chip contents survives power-off, e.g., via freezing DRAM chips, sensitive data such as passwords and keys can be extracted. Main memory persistence will soon be the norm as recent advancements in MRAM and FeRAM position non-volatile memory technologies for widespread deployment in laptop, desktop, and embedded system main memory. Unfortunately, the same properties that provide energy efficiency, tolerance against power failure, and "instant-on" power-up also subject systems to offline memory scanning. In this paper, we propose a Memory Encryption Control Unit (MECU) that provides memory confidentiality during system suspend and across reboots. The MECU encrypts all memory transfers between the processor-local level 2 cache and main memory to ensure plaintext data is never written to the persistent medium. The MECU design is outlined and performance and security trade-offs considered. We evaluate a MECU-enhanced architecture using the SimpleScalar hardware simulation framework on several hardware benchmarks. This analysis shows the majority of memory accesses are delayed by less than 1 ns, with higher access latencies (caused by resume state reconstruction) subsiding within 0.25 seconds of a system resume. In effect, the MECU provides zero-cost steady state memory confidentiality for non-volatile main memory.

Original languageEnglish (US)
Article number4721545
Pages (from-to)65-74
Number of pages10
JournalProceedings - Annual Computer Security Applications Conference, ACSAC
DOIs
StatePublished - Dec 1 2008
Event24th Annual Computer Security Applications Conference, ACSAC 2008 - Anaheim, CA, United States
Duration: Dec 8 2008Dec 12 2008

Fingerprint

Data storage equipment
Cryptography
Computer hardware
Computer systems
Dynamic random access storage
Embedded systems
Freezing
Energy efficiency
Scanning

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality

Cite this

Enck, William ; Butler, Kevin ; Richardson, Thomas ; McDaniel, Patrick Drew ; Smith, Adam Davison. / Defending against attacks on main memory persistence. In: Proceedings - Annual Computer Security Applications Conference, ACSAC. 2008 ; pp. 65-74.
@article{34fd528440b24c2f999c6923394fcedf,
title = "Defending against attacks on main memory persistence",
abstract = "Main memory contains transient information for all resident applications. However, if memory chip contents survives power-off, e.g., via freezing DRAM chips, sensitive data such as passwords and keys can be extracted. Main memory persistence will soon be the norm as recent advancements in MRAM and FeRAM position non-volatile memory technologies for widespread deployment in laptop, desktop, and embedded system main memory. Unfortunately, the same properties that provide energy efficiency, tolerance against power failure, and {"}instant-on{"} power-up also subject systems to offline memory scanning. In this paper, we propose a Memory Encryption Control Unit (MECU) that provides memory confidentiality during system suspend and across reboots. The MECU encrypts all memory transfers between the processor-local level 2 cache and main memory to ensure plaintext data is never written to the persistent medium. The MECU design is outlined and performance and security trade-offs considered. We evaluate a MECU-enhanced architecture using the SimpleScalar hardware simulation framework on several hardware benchmarks. This analysis shows the majority of memory accesses are delayed by less than 1 ns, with higher access latencies (caused by resume state reconstruction) subsiding within 0.25 seconds of a system resume. In effect, the MECU provides zero-cost steady state memory confidentiality for non-volatile main memory.",
author = "William Enck and Kevin Butler and Thomas Richardson and McDaniel, {Patrick Drew} and Smith, {Adam Davison}",
year = "2008",
month = "12",
day = "1",
doi = "10.1109/ACSAC.2008.45",
language = "English (US)",
pages = "65--74",
journal = "Proceedings - Annual Computer Security Applications Conference, ACSAC",
issn = "1063-9527",

}

Defending against attacks on main memory persistence. / Enck, William; Butler, Kevin; Richardson, Thomas; McDaniel, Patrick Drew; Smith, Adam Davison.

In: Proceedings - Annual Computer Security Applications Conference, ACSAC, 01.12.2008, p. 65-74.

Research output: Contribution to journalConference article

TY - JOUR

T1 - Defending against attacks on main memory persistence

AU - Enck, William

AU - Butler, Kevin

AU - Richardson, Thomas

AU - McDaniel, Patrick Drew

AU - Smith, Adam Davison

PY - 2008/12/1

Y1 - 2008/12/1

N2 - Main memory contains transient information for all resident applications. However, if memory chip contents survives power-off, e.g., via freezing DRAM chips, sensitive data such as passwords and keys can be extracted. Main memory persistence will soon be the norm as recent advancements in MRAM and FeRAM position non-volatile memory technologies for widespread deployment in laptop, desktop, and embedded system main memory. Unfortunately, the same properties that provide energy efficiency, tolerance against power failure, and "instant-on" power-up also subject systems to offline memory scanning. In this paper, we propose a Memory Encryption Control Unit (MECU) that provides memory confidentiality during system suspend and across reboots. The MECU encrypts all memory transfers between the processor-local level 2 cache and main memory to ensure plaintext data is never written to the persistent medium. The MECU design is outlined and performance and security trade-offs considered. We evaluate a MECU-enhanced architecture using the SimpleScalar hardware simulation framework on several hardware benchmarks. This analysis shows the majority of memory accesses are delayed by less than 1 ns, with higher access latencies (caused by resume state reconstruction) subsiding within 0.25 seconds of a system resume. In effect, the MECU provides zero-cost steady state memory confidentiality for non-volatile main memory.

AB - Main memory contains transient information for all resident applications. However, if memory chip contents survives power-off, e.g., via freezing DRAM chips, sensitive data such as passwords and keys can be extracted. Main memory persistence will soon be the norm as recent advancements in MRAM and FeRAM position non-volatile memory technologies for widespread deployment in laptop, desktop, and embedded system main memory. Unfortunately, the same properties that provide energy efficiency, tolerance against power failure, and "instant-on" power-up also subject systems to offline memory scanning. In this paper, we propose a Memory Encryption Control Unit (MECU) that provides memory confidentiality during system suspend and across reboots. The MECU encrypts all memory transfers between the processor-local level 2 cache and main memory to ensure plaintext data is never written to the persistent medium. The MECU design is outlined and performance and security trade-offs considered. We evaluate a MECU-enhanced architecture using the SimpleScalar hardware simulation framework on several hardware benchmarks. This analysis shows the majority of memory accesses are delayed by less than 1 ns, with higher access latencies (caused by resume state reconstruction) subsiding within 0.25 seconds of a system resume. In effect, the MECU provides zero-cost steady state memory confidentiality for non-volatile main memory.

UR - http://www.scopus.com/inward/record.url?scp=60749127781&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=60749127781&partnerID=8YFLogxK

U2 - 10.1109/ACSAC.2008.45

DO - 10.1109/ACSAC.2008.45

M3 - Conference article

SP - 65

EP - 74

JO - Proceedings - Annual Computer Security Applications Conference, ACSAC

JF - Proceedings - Annual Computer Security Applications Conference, ACSAC

SN - 1063-9527

M1 - 4721545

ER -