Researchers develop hardware encryption for new computer memory technology

May 17, 2011

Security concerns are one of the key obstacles to the adoption of new non-volatile main memory (NVMM) technology in next-generation computers, which would improve computer start times and boost memory capacity. But now researchers from North Carolina State University have developed new encryption hardware for use with NVMM to protect personal information and other data.

NVMM technologies, such as , hold great promise to replace conventional dynamic (DRAM) in the main memory of computers. NVMM would allow computers to start instantly, and can fit more memory into the same amount of space used by existing technologies. However, NVMM poses a .

Conventional DRAM main memory does not store data once the computer is turned off. That means, for example, that it doesn't store your credit card number and password after an online shopping spree. NVMM, on the other hand, retains all user data in main memory even years after the computer is turned off. This feature could give criminals access to your personal information or other data if your laptop or smart phone were stolen. And, because the data in the NVMM is stored in main memory, it cannot be encrypted using software. Software cannot manage main , because software itself operates in main memory.

NC State researchers have developed a solution using a hardware encryption system called i-NVMM.

"We could use hardware to encrypt everything," explains Dr. Yan Solihin, associate professor of electrical and computer engineering at NC State and co-author of a paper describing i-NVMM, "but then the system would run very slowly – because it would constantly be encrypting and decrypting data.

"Instead, we developed an algorithm to detect data that is likely not needed by the processor. This allows us to keep 78 percent of main memory encrypted during typical operation, and only slows the system's performance by 3.7 percent."

The i-NVMM tool has two additional benefits as well. First, its algorithm also detects idleness. That means any data not currently in use – such as your credit card number – is automatically encrypted. This makes i-NVMM even more secure than DRAM. Second, while 78 percent of the main memory is encrypted when the computer is in use, the remaining 22 percent is encrypted when the computer is powered down.

"Basically, unless someone accesses your computer while you're using it, all of your data is protected," Solihin says.

i-NVMM relies on a self-contained encryption engine that is incorporated into a computer's memory module – and does not require changes to the computer's processors. That means it can be used with different processors and different systems.

"We're now seeking industry partners who are interested in this technology," Solihin says.

Explore further: Google DeepMind acquisition researchers working on a Neural Turing Machine

More information: The paper, "i-NVMM: A Secure Non-Volatile Main Memory System with Incremental Encryption," will be presented June 6 at the International Symposium on Computer Architecture (ISCA) in San Jose, Calif. The paper was co-authored by Dr. Siddhartha Chhabra, a former Ph.D. student at NC State.

Related Stories

New device may revolutionize computer memory

Jan 20, 2011

(PhysOrg.com) -- Researchers from North Carolina State University have developed a new device that represents a significant advance for computer memory, making large-scale "server farms" more energy efficient and allowing ...

New software design technique allows programs to run faster

Apr 05, 2010

(PhysOrg.com) -- Researchers at North Carolina State University have developed a new approach to software development that will allow common computer programs to run up to 20 percent faster and possibly incorporate new security ...

Faster, more durable flash memory sought out for project

Oct 29, 2010

USB flash drives have become nearly ubiquitous and are now dressed out as everything from Winnie the Pooh to hand grenades. But to further expand flash memory’s use in such applications as the main memory of a computer, ...

Recommended for you

Saving lots of computing capacity with a new algorithm

Oct 29, 2014

The control of modern infrastructure such as intelligent power grids needs lots of computing capacity. Scientists of the Interdisciplinary Centre for Security, Reliability and Trust (SnT) at the University of Luxembourg have ...

User comments : 4

Adjust slider to filter visible comments by rank

Display comments: newest first

antialias
not rated yet May 17, 2011
Neat idea.

However, I'm donning my tinfoil hat and will predict that governments will want a back door into this technology.
eachus
not rated yet May 17, 2011
However, I'm donning my tinfoil hat and will predict that governments will want a back door into this technology.


Sorry, that meme died a decade or so ago. I won't go into the details here, but the demonstration that backdoors don't work was pretty brutal. The government can either have (they hope) some security in their own communications, or a backdoor into everyone's communications that can be bypassed.

As a result we now have the AES algorithm which was developed publicly without backdoors, and Diffie-Hellman for generating per message keys.

What algorithm does this system use? The article doesn't say but hardware implementations of AES are available.
PPihkala
not rated yet May 17, 2011
I think that detecting idleing should allow turning that idle memory off, making such a system more energy efficient.
kaasinees
not rated yet May 17, 2011
define idle.

If it means the memory region is no longer allocated then this is pointless.
If it means the memory is used but has not been read/write in a long time the application has been poorly written.

If we can give every application a different encryption only known to the OS then no harmful application can access the other process memory unless it can hack into the OS memory and get the key. However in a properly written OS one program can not access memory outside of its allocated memory anyway.

Nah this is useless, coming from a Computer Scientist.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.