i-NVMM: Securing non-volatile memory on the fly

The dynamic in Dynamic Random Access Memory (DRAM) implies electricity is required to maintain the charge of designated capacitors in the memory chip. Shut power off, capacitors discharge, and data vanishes.

In 2008, a group of Princeton researchers discovered by freezing DRAM chips, the charged/discharged state of capacitors was maintained long enough for researchers to snare data stored on the chips. Thankfully, it's not easy, so the crack never became mainstream.

Fast forward to 2011: researchers are trying to replace DRAM with more-efficient and power-friendly Non-Volatile Main Memory (NVMM). Here's what has hardware developers excited:

• No refresh power is required to maintain stored data.
• Resumption from sleep or hibernation is instantaneous.
• NVMM can fit more memory into the same amount of space used by existing technologies.

Remember the saying, "Along with the good, comes the bad"? Well, that applies to NVMM. Not requiring refresh power means data will persist indefinitely on NVMM memory chips when power is removed.

That gives the gang at Princeton, or someone who steals your notebook, plenty of time to extract stored data. My computer could have 4 GB's worth.

There is a solution

I'd like to introduce you to i-NVMM, a potential solution and creation of Dr. Siddhartha Chhabra (Intel) and Dr. Yan Solihin (North Carolina State University). In their paper, "i-NVMM: A Secure Non-Volatile Main Memory System with Incremental Encryption," the researchers describe i-NVMM as:

"A data privacy protection scheme for non-volatile main memory (NVMM). i-NVMM relies on a memory-side encryption engine to support encrypted main memory, hence it does not rely on specific architecture support."

Sounds simple enough, but it's not. I was trying to understand this slide:

Here is their explanation:

"Figure 6 shows hardware components that are added to a non-volatile main memory (NVMM) module. One added component is Page Status Table (PST), an SRAM structure that keeps track of the status of each page:

• 1-bit that indicates whether a page is currently encrypted or not (Enc-Status).
• The last time the page was accessed (LastAcc).
• The number of times the page has been accessed (numAcc).
• The next page accessed after this one (NextPage).
• 1-bit that indicates whether a page is pending for encryption/decryption or not (Pending).

LastAcc is used by the Inert Page Prediction (IPP) to predict a page as inert in order to encrypt it. NumAcc is used for tracking how many accesses have been received by a currently-encrypted page in order to decide when it should be queued for decryption."

Did you get that? I didn't. But, I wanted to. So I phoned the researchers. Dr. Chhabra consented to answer my barrage of questions.

Kassner: To begin, I am familiar with Non-Volatile Memory (NVM), but not Non-Volatile Main Memory (NVMM). What is the difference? Chhabra: You can think of NVM as any computer memory that retains stored information even if power is removed-flash drives and hard drives being two examples. NVM is not a new concept. The technology was first developed in the 1960s.

NVMM is a new concept. Consider it to be the entire system needed to replace DRAM. Among other components, NVMM will include NVM technologies, most likely Phase-Change Memory (PCM) or Magnetoresistive RAM (MRAM).

Kassner: The non-volatility of NVM appears to be a double-edged sword, good for computing, bad for security. I'm guessing security was not a major consideration back in 1960.

You and Dr. Solihin do have a solution: i-NVMM. Would you please give us an overview of the technology behind i-NVMM?

Chhabra: We realize that non-volatility is an important property, regardless of the fact that it makes it easier for attackers to scan the main memory. Hence, we propose a solution to bridge the vulnerability and ensure the system retains all the properties afforded by non-volatility.

Here are a few lines from the paper. They best summarize our proposal.

Emerging technologies for building non-volatile main memory (NVMM) systems suffer from a security vulnerability where information lingers on long after the system is powered down, enabling an attacker with physical access to the system to extract sensitive information off the memory. The goal of this study is to find a solution for such security vulnerability.

We introduce i-NVMM, a data privacy protection scheme for NVMM, where the main memory is encrypted incrementally [Kassner: the "i" in i-NVMM], i.e. different data in the main memory is encrypted at different times depending on whether the data is predicted to still be useful to the processor.

The motivation behind incremental encryption is the observation that the working set of an application is much smaller than its resident set. By identifying the working set and encrypting the remaining part of the resident set, i-NVMM can keep the majority of the main memory encrypted at all times without penalizing performance by much.

Our experiments demonstrate promising results. i-NVMM keeps 78% of the main memory encrypted across SPEC2006 benchmarks, yet only incurs 3.7% execution time overhead, and has a negligible impact on the write endurance of NVMM, all achieved with a relatively simple hardware support in the memory module.

Kassner: When you talk about NVMM and i-NVMM, are you suggesting that DRAM be replaced? Chhabra: This is something that is currently under research. There are various possibilities.

Physically, NVM can replace DRAM, but NVM is typically slower than DRAM and has limited write endurance. Those two issues, in all likelihood, will force the replacement memory to be a hybrid system.

Where the main memory system will consist of a small DRAM buffer—to exploit its speed and better write endurance—and a non-volatile memory like PCM to exploit its density properties.

In our work with encryption, we specifically talk about NVMM replacing DRAM totally. However, the solution is equally applicable and needed in a hybrid memory system like the one I described above.

Kassner: In the paper, you refer to a selection process that i-NVMM uses to encrypt and decrypt data. That is fascinating. How is that possible? Chhabra: i-NVMM predicts whether data is useful to the application or not. In essence, applications refer or touch more data than they actually access. The data an application touches is known as the resident set and the data an application uses when in steady state is the working set.

If a scheme blindly encrypts the memory, both the working set and the resident set will be encrypted. That causes the application to suffer high performance overhead, as data needs to be decrypted before it's fed to the application.

By detecting inactive memory pages — using hardware counters in the memory module — the memory-side cryptographic engine can predict the pages that are not a part of the resident set — we call them inert pages. Once a page is identified as inert, it is encrypted by the memory-side cryptographic engine.

Kassner: How do you envision i-NVMM? Is it additional firmware, or is it supplemental hardware attached to the memory module? Chhabra: We envision i-NVMM to be totally implemented inside the memory module, not requiring any additional hardware/software/firmware support outside the memory module. Kassner: Besides encrypting data, does i-NVMM improve security in other ways? I was specifically thinking that the prediction qualities of i-NVMM might prevent buffer overflows. Chhabra: No, i-NVMM is not designed for protecting software attacks like the one you mentioned. It is designed specifically to protect non-volatile data in NVMMs. I might add that not protecting the data can be a showstopper in the adoption of NVMM. Kassner: What happens when the computer is shut off? Is the memory wiped clean? Or does i-NVMM encrypt all of the data stored in memory? That seems like it would be an important consideration. Chhabra: When the system is shutoff, i-NVMM encrypts the pages that are currently not encrypted (these will be the pages that were being used by applications). We do not want to wipe out the entire memory at shut down as then we lose the non-volatility properties of NVMs. That is one thing we don't want.

In an attack scenario, where the attacker steals the memory module of a running system, we ensure the attacker will not gain anything useful. The i-NVMM has a small CMOS battery as reserve on the memory module to ensure that in such a case i-NVMM has enough power to encrypt the pages that are currently in plaintext.

Kassner: What is next on the agenda for i-NVMM? Chhabra: We are seeking industry partners interested in this technology to patent and prototype i-NVMM. Final thoughts

It is nice to see advances being made, particularly with hardware that will improve computer usage. Another thing I like to see is security being part and parcel of the development process. That is so not 1960s.

Finally, I would like to thank Dr. Chhabra for explaining the cutting-edge research around NVMM and i-NVMM.