SecDDR: Enabling Low-Cost Secure Memories by Protecting the DDR Interface

The security goals of cloud providers and users include memory confidentiality and integrity, which requires implementing Replay-Attack protection (RAP). RAP can be achieved using integrity trees or mutually authenticated channels. Integrity trees incur significant performance overheads and are impractical for protecting large memories. Mutually authenticated channels have been proposed only for packetized memory interfaces that address only a very small niche domain and require fundamental changes to memory system architecture. We propose SecDDR, a low-cost RAP that targets direct-attached memories, like DDRx. SecDDR avoids memory-side data authentication, and thus, only adds a small amount of logic to memory components and does not change the underlying DDR protocol, making it practical for widespread adoption. In contrast to prior mutual authentication proposals, which require trusting the entire memory module, SecDDR targets untrusted modules by placing its limited security logic on the DRAM die (or package) of the ECC chip. Our evaluation shows that SecDDR performs within 1% of an encryption-only memory without RAP and that SecDDR provides 18.8% and 7.8% average performance improvements (up to 190.4% and 24.8%) relative to a 64-ary integrity tree and an authenticated channel, respectively

Practical integrity protection mechanisms for large-scale memory systems

Trusting the data center and remote computing infrastructure is crucial for the users to move their code and data to the cloud and enable future distributed applications. To this end, secure processors protect the confidentiality and integrity of off-chip data. While recent products offer memory encryption at a low cost, existing integrity protection mechanisms impose significant overheads in terms of performance and power. In my dissertation, I study three aspects to lower these overheads and improve the scalability of integrity protection for future large-scale memories. First, I introduce SafeGuard, a low-cost integrity protection scheme that provides integrity protection with error correction for existing ECC memories. Then, I introduce SecDDR, a novel approach for replay attack protection that scales to any memory capacity without incurring the overheads of conventional protection schemes. Finally, I study different DRAM-aware data and metadata organizations to lower the cost of integrity protection for non-ECC modules.Electrical and Computer Engineerin