Aktivitäten pro Jahr
Abstract
In this paper, we present CSI:Rowhammer, a principled hardware-software co-design Rowhammer mitigation with cryptographic security and integrity guarantees, that does not focus on any specific properties of Rowhammer.
We design a new memory error detection mechanism based on a low-latency cryptographic MAC and an exception mechanism initiating a software-level correction routine.
The exception handler uses a novel instruction-set extension for the error correction and resumes execution afterward.
In contrast to regular ECCDRAM that remains exploitable if more than 2 bits are flipped, CSI:Rowhammer maintains the security level of the cryptographic MAC.
We evaluate CSI:Rowhammer in a gem5 proof-of-concept implementation. Under normal conditions, we see latency overheads below 0.75 % and no memory overhead compared to off-the-shelf ECC-DRAM.
While the average latency to correct a single bitflip is below 20 ns (compared to a range from a few nanoseconds to several milliseconds for state-of-the-art ECC memory), CSI:Rowhammer can detect any number of bitflips with overwhelming probability and correct at least 8 bitflips in practical time constraints.
We design a new memory error detection mechanism based on a low-latency cryptographic MAC and an exception mechanism initiating a software-level correction routine.
The exception handler uses a novel instruction-set extension for the error correction and resumes execution afterward.
In contrast to regular ECCDRAM that remains exploitable if more than 2 bits are flipped, CSI:Rowhammer maintains the security level of the cryptographic MAC.
We evaluate CSI:Rowhammer in a gem5 proof-of-concept implementation. Under normal conditions, we see latency overheads below 0.75 % and no memory overhead compared to off-the-shelf ECC-DRAM.
While the average latency to correct a single bitflip is below 20 ns (compared to a range from a few nanoseconds to several milliseconds for state-of-the-art ECC memory), CSI:Rowhammer can detect any number of bitflips with overwhelming probability and correct at least 8 bitflips in practical time constraints.
Originalsprache | englisch |
---|---|
Titel | 44th IEEE Symposium on Security and Privacy |
Publikationsstatus | Veröffentlicht - 2023 |
Veranstaltung | 43th IEEE Symposium on Security and Privacay: IEEE S&P 2023 - San Francisco, USA / Vereinigte Staaten Dauer: 22 Mai 2023 → 24 Mai 2023 |
Konferenz
Konferenz | 43th IEEE Symposium on Security and Privacay |
---|---|
Kurztitel | IEEE S&P 2023 |
Land/Gebiet | USA / Vereinigte Staaten |
Ort | San Francisco |
Zeitraum | 22/05/23 → 24/05/23 |
Fingerprint
Untersuchen Sie die Forschungsthemen von „CSI:Rowhammer – Cryptographic Security and Integrity against Rowhammer“. Zusammen bilden sie einen einzigartigen Fingerprint.Aktivitäten
- 2 Vortrag bei Workshop, Seminar oder Kurs
-
Exploiting RowPress and RowHammer and How To Defend Against It
Juffinger, J. (Redner/in)
16 Juli 2024Aktivität: Vortrag oder Präsentation › Vortrag bei Workshop, Seminar oder Kurs › Science to science
-
Rowhammer - A Never Ending Story?
Juffinger, J. (Redner/in)
2 Apr. 2024Aktivität: Vortrag oder Präsentation › Vortrag bei Workshop, Seminar oder Kurs › Science to science