CSI:Rowhammer – Cryptographic Security and Integrity against Rowhammer

Jonas Juffinger*, Lukas Anton Lamster, Andreas Kogler, Maria Eichlseder, Moritz Lipp, Daniel Gruss

*Korrespondierende/r Autor/-in für diese Arbeit

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung


In this paper, we present CSI:Rowhammer, a principled hardware-software co-design Rowhammer mitigation with cryptographic security and integrity guarantees, that does not focus on any specific properties of Rowhammer.
We design a new memory error detection mechanism based on a low-latency cryptographic MAC and an exception mechanism initiating a software-level correction routine.
The exception handler uses a novel instruction-set extension for the error correction and resumes execution afterward.
In contrast to regular ECCDRAM that remains exploitable if more than 2 bits are flipped, CSI:Rowhammer maintains the security level of the cryptographic MAC.
We evaluate CSI:Rowhammer in a gem5 proof-of-concept implementation. Under normal conditions, we see latency overheads below 0.75 % and no memory overhead compared to off-the-shelf ECC-DRAM.
While the average latency to correct a single bitflip is below 20 ns (compared to a range from a few nanoseconds to several milliseconds for state-of-the-art ECC memory), CSI:Rowhammer can detect any number of bitflips with overwhelming probability and correct at least 8 bitflips in practical time constraints.
Titel44th IEEE Symposium on Security and Privacy
PublikationsstatusVeröffentlicht - 2023
Veranstaltung43th IEEE Symposium on Security and Privacay: IEEE S&P 2023 - San Francisco, USA / Vereinigte Staaten
Dauer: 22 Mai 202324 Mai 2023


Konferenz43th IEEE Symposium on Security and Privacay
KurztitelIEEE S&P 2023
Land/GebietUSA / Vereinigte Staaten
OrtSan Francisco


Untersuchen Sie die Forschungsthemen von „CSI:Rowhammer – Cryptographic Security and Integrity against Rowhammer“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren