Abstract
In this paper, we present CSI:Rowhammer, a principled hardware-software co-design Rowhammer mitigation with cryptographic security and integrity guarantees, that does not focus on any specific properties of Rowhammer.
We design a new memory error detection mechanism based on a low-latency cryptographic MAC and an exception mechanism initiating a software-level correction routine.
The exception handler uses a novel instruction-set extension for the error correction and resumes execution afterward.
In contrast to regular ECCDRAM that remains exploitable if more than 2 bits are flipped, CSI:Rowhammer maintains the security level of the cryptographic MAC.
We evaluate CSI:Rowhammer in a gem5 proof-of-concept implementation. Under normal conditions, we see latency overheads below 0.75 % and no memory overhead compared to off-the-shelf ECC-DRAM.
While the average latency to correct a single bitflip is below 20 ns (compared to a range from a few nanoseconds to several milliseconds for state-of-the-art ECC memory), CSI:Rowhammer can detect any number of bitflips with overwhelming probability and correct at least 8 bitflips in practical time constraints.
We design a new memory error detection mechanism based on a low-latency cryptographic MAC and an exception mechanism initiating a software-level correction routine.
The exception handler uses a novel instruction-set extension for the error correction and resumes execution afterward.
In contrast to regular ECCDRAM that remains exploitable if more than 2 bits are flipped, CSI:Rowhammer maintains the security level of the cryptographic MAC.
We evaluate CSI:Rowhammer in a gem5 proof-of-concept implementation. Under normal conditions, we see latency overheads below 0.75 % and no memory overhead compared to off-the-shelf ECC-DRAM.
While the average latency to correct a single bitflip is below 20 ns (compared to a range from a few nanoseconds to several milliseconds for state-of-the-art ECC memory), CSI:Rowhammer can detect any number of bitflips with overwhelming probability and correct at least 8 bitflips in practical time constraints.
| Original language | English |
|---|---|
| Title of host publication | 44th IEEE Symposium on Security and Privacy |
| Publication status | Published - 2023 |
| Event | 43th IEEE Symposium on Security and Privacay: IEEE S&P 2023 - San Francisco, United States Duration: 22 May 2023 → 24 May 2023 |
Conference
| Conference | 43th IEEE Symposium on Security and Privacay |
|---|---|
| Abbreviated title | IEEE S&P 2023 |
| Country/Territory | United States |
| City | San Francisco |
| Period | 22/05/23 → 24/05/23 |