Researchers develop hardware encryption for new memory technology

Posted by David Gomez

Security concerns usually get in the way of adopting new non-volatile main memory (NVMM) technology. Researchers at North Carolina State University may have fixed that problem.

Using NVMM technology in next-generation computers would improve computer start times and boost memory capacity. And NVMM technologies, such as phase-change memory, have great potential to replace conventional dynamic random access memory (DRAM) in the main memory of computers. However, NVMM has security risks.
    
Conventional DRAM main memory does not store data when the computer is turned off. That means that it doesn’t store your credit card number and password after an online shopping spree. NVMM, on the other hand, stores all user data in main memory even years after the computer is turned off. This feature might very well give criminals access to your personal information or other data if your laptop or smart phone were stolen. And, since the data in the NVMM is stored in main memory, it cannot be encrypted using software. Software cannot manage main memory functions, because software itself operates in main memory.
    
NC State’s Wolfpack of researchers have come up with a solution using a hardware encryption system called i-NVMM.
    
“We could use hardware to encrypt everything,” explains Dr. Yan Solihin, associate professor of electrical and computer engineering at NC State and co-author of a paper describing i-NVMM, “but then the system would run very slowly – because it would constantly be encrypting and decrypting data.
    
“Instead, we developed an algorithm to detect data that is likely not needed by the processor. This allows us to keep 78 percent of main memory encrypted during typical operation, and only slows the system’s performance by 3.7 percent.”
    
The i-NVMM tool has two extra benefits as well. First, its algorithm also detects idleness. This means any data not currently in use – like your credit card number – is automatically encrypted. This makes i-NVMM even more protected than DRAM. Second, while 78 percent of the main memory is encrypted when the computer is in use, the other 22 percent is encrypted when the computer is turned off.
    
“Basically, unless someone accesses your computer while you’re using it, all of your data is protected,” Solihin says.
    
i-NVMM depends on a self-contained encryption engine that is integrated into a computer’s memory module – and no changes have to be made to a computer’s processor. That means it can be used with different processors and different systems. This is pretty awesome if you know how much trouble compatibility in computers can be.
    
“We’re now seeking industry partners who are interested in this technology,” Solihin says.
    
It’s probably a safe bet that many companies within the computer industry would be pretty interested in this new technology.
    
The paper, “i-NVMM: A Secure Non-Volatile Main Memory System with Incremental Encryption,” will be presented June 6 at the International Symposium on Computer Architecture (ISCA) in San Jose, Calif. It sounds like something that Silicon Valley will love.