skip to main content
10.1145/3545008.3545061acmotherconferencesArticle/Chapter ViewAbstractPublication PagesicppConference Proceedingsconference-collections
research-article

A Dynamic and Recoverable BMT Scheme for Secure Non-Volatile Memory

Published: 13 January 2023 Publication History

Abstract

Data security is a key issue that non-volatile memory (NVM) system designers must consider. However, this is challenging because implementing security mechanisms such as bonsai merkle tree (BMT) in NVM needs to ensure crash recovery due to the non-volatile property of NVM. Existing schemes fail to efficiently guarantee the atomic BMT root update and instant system recovery required for BMT crash recovery, resulting in large write traffic and performance overhead. In this paper, we propose DR-TREE, a dynamic and recoverable BMT scheme for secure NVM, which reduces the update overhead of BMT root and achieves fast crash recovery with low write traffic. DR-TREE dynamically builds BMT and adjusts the updated BMT levels according to memory write requests, thus reducing unnecessary update overhead of BMT root. Next, based on the locality of memory write requests, DR-TREE merges repeated BMT updates, further decreasing the update overhead of BMT root. Moreover, DR-TREE achieves fast crash recovery with extremely low write traffic by delaying the partial recovery process. Experiments show that compared to the state-of-the-art design, DR-TREE improves the performance by 44.6%, decreases write traffic by 78.2% and achieves the system recovery in 5ms.

References

[1]
Mazen Alwadi, Aziz Mohaisen, and Amro Awad. 2021. ProMT: Optimizing Integrity Tree Updates for Write-Intensive Pages in Secure NVMs. In Proceedings of the ACM International Conference on Supercomputing (ICS’21). ACM, 479–490.
[2]
Mazen Alwadi, Kazi Zubair, David Mohaisen, and Amro Awad. 2020. Phoenix: Towards Ultra-Low Overhead, Recoverable, and Persistently Secure NVM. IEEE Transactions on Dependable and Secure Computing 19, 2 (2020), 1049–1063.
[3]
Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O’Keeffe, Mark L. Stillwell, David Goltzsche, Dave Eyers, Rüdiger Kapitza, Peter Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI’16). USENIX Association, Savannah, GA, 689–703.
[4]
Amro Awad, Laurent Njilla, and Mao Ye. 2019. Triad-NVM: Persistent-Security for Integrity-Protected and Encrypted Non-Volatile Memories. In Proceedings of the 46th ACM/IEEE International Symposium on Computer Architecture (ISCA’19). ACM/IEEE, 104–115.
[5]
Nathan Binkert, Bradford Beckmann, Gabriel Black, Steven K Reinhardt, Ali Saidi, Arkaprava Basu, Joel Hestness, Derek R. Hower, Tushar Krishna, Somayeh Sardashti, 2011. The gem5 simulator. ACM SIGARCH computer architecture news 39, 2 (2011), 1–7.
[6]
Zhengguo Chen, Youtao Zhang, and Nong Xiao. 2020. CacheTree: Reducing Integrity Verification Overhead of Secure Non-Volatile Memories. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 40, 7(2020), 1340–1353.
[7]
Intel Corporation. 2015. Introducing Intel Optane Technology - Bringing 3D XPoint Memory to Storage and Memory Products.
[8]
Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. IACR Cryptology ePrint Archive 2016, 86 (2016), 1–118.
[9]
Alexander Freij, Huiyang Zhou, and Yan Solihin. 2021. Bonsai Merkle Forests: Efficiently Achieving Crash Consistency in Secure Persistent Memory. In Proceedings of the 54st IEEE/ACM International Symposium on Microarchitecture (MICRO’21). ACM, 1227–1240.
[10]
Blaise Gassend, G. Edward Suh, Dwaine Clarke, Marten Van Dijk, and Srinivas Devadas. 2003. Caches and hash trees for efficient memory integrity verification. In Proceedings of the 9th IEEE International Symposium on High Performance Computer Architecture (HPCA’03). IEEE, 295–306.
[11]
John L. Henning. 2007. SPEC CPU2006 Memory Footprint. ACM SIGARCH Computer Architecture News 35, 1 (2007), 84–89.
[12]
Jianming Huang and Yu Hua. 2021. A Write-Friendly and Fast-Recovery Scheme for Security Metadata in Non-Volatile Memories. In 2021 IEEE International Symposium on High-Performance Computer Architecture (HPCA’21). IEEE, 359–370.
[13]
Intel. 2022. Achieve Greater Insight From Your Data with Intel Optane Persistent Memory. https://www.intel.com/content/www/us/en/products/docs/memory-storage/optane-persistent-memory/optane-persistent-memory-200-series-brief.html
[14]
Benjamin C. Lee, Engin Ipek, Onur Mutlu, and Doug Burger. 2009. Architecting phase change memory as a scalable dram alternative. ACM SIGARCH computer architecture news 37, 3 (2009), 2–13.
[15]
Tamara Silbergleit Lehman, Andrew D. Hilton, and Benjamin C. Lee. 2016. PoisonIvy: Safe speculation for secure memory. In 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO’16). ACM, 1–13.
[16]
Mengya Lei, Fan Li, Fang Wang, Dan Feng, Xiaomin Zou, and Renzhi Xiao. 2021. SecNVM: An Efficient and Write-Friendly Metadata Crash Consistency Scheme for Secure NVM. ACM Trans. Archit. Code Optim. 19, 1 (2021), 26 pages.
[17]
Mengya Lei, Fang Wang, Dan Feng, Fan Li, and Xueliang Wei. 2021. Crash-Consistency-Aware Encryption for Non-Volatile Memories. In 50th International Conference on Parallel Processing (ICPP’21). ACM, 1–10.
[18]
Mengya Lei, Fang Wang, Dan Feng, Fan Li, and Jie Xu. 2020. An efficient persistency and recovery mechanism for SGX-style integrity tree in secure NVM. In Proceedings of the 23rd Conference on Design, Automation and Test in Europe (DATE’20). IEEE/ACM, 702–707.
[19]
Helger Lipmaa, Phillip Rogaway, and David Wagner. 2000. Comments to NIST concerning AES modes of operation: CTR-mode encryption.
[20]
Duo Liu, Tianzheng Wang, Yi Wang, Zili Shao, Qingfeng Zhuge, and Edwin H-M Sha. 2014. Application-specific wear leveling for extending lifetime of phase change memory in embedded systems. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 33, 10(2014), 1450–1462.
[21]
Sihang Liu, Aasheesh Kolli, Jinglei Ren, and Samira Khan. 2018. Crash consistency in encrypted non-volatile main memory systems. In Proceedings of the 24th IEEE International Symposium on High Performance Computer Architecture (HPCA’18). IEEE, 310–323.
[22]
David Mcgrew and John Viega. 2004. The Galois/counter mode of operation (GCM). Submission to NIST Modes of Operation Process (2004).
[23]
Brian Rogers, Siddhartha Chhabra, Milos Prvulovic, and Yan Solihin. 2007. Using address independent seed encryption and bonsai merkle trees to make secure processors os-and performance-friendly. In Proceedings of the 40th IEEE/ACM International Symposium on Microarchitecture (MICRO’07). IEEE/ACM, 183–196.
[24]
Andy M Rudoff. 2016. Deprecating the pcommit instruction.
[25]
Gururaj Saileshwar, Prashant Nair, Prakash Ramrakhyani, Wendy Elsasser, Jose Joao, and Moinuddin Qureshi. 2018. Morphable counters: Enabling compact integrity trees for low-overhead secure memories. In Proceedings of the 51st IEEE/ACM International Symposium on Microarchitecture (MICRO’18). IEEE/ACM, 416–427.
[26]
Gururaj Saileshwar, Prashant J. Nair, Prakash Ramrakhyani, Wendy Elsasser, and Moinuddin K. Qureshi. 2018. Synergy: Rethinking secure-memory design for error-correcting memories. In Proceedings of the 24th IEEE International Symposium on High Performance Computer Architecture (HPCA’18). IEEE, 454–465.
[27]
Cloyce D. Spradling. 2007. SPEC CPU2006 benchmark tools. ACM SIGARCH Computer Architecture News 35, 1 (2007), 130–134.
[28]
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, and Srinivas Devadas. 2003. Efficient Memory Integrity Verification and Encryption for Secure Processors. In Proceedings of the 36th IEEE/ACM International Symposium on Microarchitecture (MICRO’03). IEEE/ACM, 339–350.
[29]
Shivam Swami and Kartik Mohanram. 2018. ACME: Advanced counter mode encryption for secure non-volatile memories. In Proceedings of the 55th ACM/ESDA/IEEE Design Automation Conference (DAC’18). IEEE/ACM, 1–6.
[30]
Meysam Taassori, Rajeev Balasubramonian, Siddhartha Chhabra, Alaa R. Alameldeen, Manjula Peddireddy, Rajat Agarwal, and Ryan Stutsman. 2020. Compact leakage-free support for integrity and reliability. In Proceedings of the 47th ACM/IEEE International Symposium on Computer Architecture (ISCA’20). ACM/IEEE, 735–748.
[31]
Meysam Taassori, Ali Shafiee, and Rajeev Balasubramonian. 2018. VAULT: Reducing paging overheads in SGX with efficient integrity verification structures. In Proceedings of the 23rd International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS’18). ACM, 665–678.
[32]
Chenyu Yan, Daniel Englender, Milos Prvulovic, Brian Rogers, and Yan Solihin. 2006. Improving cost, performance, and security of memory encryption and authentication. ACM SIGARCH Computer Architecture News 34, 2 (2006), 179–190.
[33]
Fan Yang, Youmin Chen, Haiyu Mao, Youyou Lu, and Jiwu Shu. 2020. ShieldNVM: An Efficient and Fast Recoverable System for Secure Non-Volatile Memory. ACM Transactions on Storage 16, 2 (2020), 1–31.
[34]
Mao Ye, Clayton Hughes, and Amro Awad. 2018. Osiris: A Low-Cost Mechanism to Enable Restoration of Secure Non-Volatile Memories. In Proceedings of the 51st IEEE/ACM International Symposium on Microarchitecture (MICRO’18). IEEE/ACM, 403–415.
[35]
Kazi Abu Zubair and Amro Awad. 2019. Anubis: Ultra-Low Overhead and Recovery Time for Secure Non-Volatile Memories. In Proceedings of the 46th ACM/IEEE International Symposium on Computer Architecture (ISCA’19). ACM/IEEE, 157–168.
[36]
Pengfei Zuo, Yu Hua, and Yuan Xie. 2019. SuperMem: Enabling Application-Transparent Secure Persistent Memory with Low Overheads. In Proceedings of the 52nd IEEE/ACM International Symposium on Microarchitecture (MICRO’19). IEEE/ACM, 479–492.

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
ICPP '22: Proceedings of the 51st International Conference on Parallel Processing
August 2022
976 pages
ISBN:9781450397339
DOI:10.1145/3545008
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 January 2023

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. atomic update
  2. crash recovery
  3. non-volatile memory
  4. security

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

Conference

ICPP '22
ICPP '22: 51st International Conference on Parallel Processing
August 29 - September 1, 2022
Bordeaux, France

Acceptance Rates

Overall Acceptance Rate 91 of 313 submissions, 29%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 102
    Total Downloads
  • Downloads (Last 12 months)32
  • Downloads (Last 6 weeks)4
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media