SECURITY

Hardware Encryption Makes Non-Volatile Main Memory Ultra-Secure

Rebecca Kutzer-Rice | Date: 05-31-11 | Comments

While non-volatile main memory boots faster and has higher capacities than dynamic random access memory, its security risk has proved to be a major setback. A new hardware encryption system could bring both faster start times and high security to the next generation of computers.

Many are looking to non-volatile main memory (NVMM) for the next generation of computers, but security concerns have limited its potential. Newly developed encryption hardware from researchers at North Carolina State University could protect private information while allowing for widespread adoption of NVMM.

Today's computers use dynamic random access memory (DRAM) for their main memory. DRAM is highly secure because it does not save any data when the computer is turned off, but it boots slowly and has limited capacity.

NVMM, on the other hand, is appealing because of its fast boot times and larger memory capacities. Future NVMM-equipped computers could turn on instantly. Unlike DRAM, however, NVMM saves personal data for years after a machine has been turned off. This could allow criminals to access information like credit card numbers and passwords.

A major setback in securing NVMM is software's inability to encrypt it, since software cannot supervise main memory processes.

The researchers created a hardware-based encryption solution called i-NVMM. The tool includes an algorithm to separate unnecessary information and speed up processes.

"We could use hardware to encrypt everything, but then the system would run very slowly�because it would constantly be encrypting and decrypting data," said Dr. Yan Solihin, associate professor of electrical and computer engineering at NC State, according to a statement.

"Instead, we developed an algorithm to detect data that is likely not needed by the processor. This allows us to keep 78 percent of main memory encrypted during typical operation, and only slows the system's performance by 3.7 percent."

While 78 percent of the information is encrypted during use, the remaining 22 percent is encrypted when the computer turns off.

"Basically, unless someone accesses your computer while you're using it, all of your data is protected," Solihin said.

The algorithm also detects idleness, so unused data�like your password�is automatically encrypted. The result is an encryption system even more secure than traditional DRAM.

i-NVMM uses a self-contained encryption engine, so it is compatible with various processors and systems.

"We're now seeking industry partners who are interested in this technology," Solihin said.

Researchers will present their paper about the system, titled "i-NVMM: A Secure Non-Volatile Main Memory System with Incremental Encryption," at the International Symposium on Computer Architecture (ISCA) in June. The project received funding from the National Science Foundation (NSF).