Encryption Protection for New Computer Memory

Tuesday, May 17, 2011 @ 05:05 PM gHale

Non-volatile main memory (NVMM) technology is the next-generation of computers that will improve start times and boost memory capacity.

But where does security play into NVMM? New encryption hardware is under development for use with NVMM to protect personal information and other data, said researchers at North Carolina State University.

NVMM technologies, such as phase-change memory, hold great promise to replace conventional dynamic random access memory (DRAM) in the main memory of computers. NVMM would allow computers to start instantly, and can fit more memory into the same amount of space used by existing technologies. However, NVMM poses a security risk.

Conventional DRAM main memory does not store data once the computer turns off. That means, for example, that it doesn’t store your credit card number and password after an online shopping spree. NVMM, on the other hand, retains all user data in main memory even years after the computer turns off. This feature could give criminals access to your personal information or other data if your laptop or smart phone fell into the wrong hands. And, because the data in the NVMM remains stored in main memory, the user cannot encrypt it using software. Software cannot manage main memory functions, because software itself operates in main memory.

NC State researchers call this new hardware encryption system i-NVMM.

“We could use hardware to encrypt everything,” said Dr. Yan Solihin, associate professor of electrical and computer engineering at NC State and co-author of a paper on the subject, “but then the system would run very slowly – because it would constantly be encrypting and decrypting data.

“Instead, we developed an algorithm to detect data that is likely not needed by the processor. This allows us to keep 78 percent of main memory encrypted during typical operation, and only slows the system’s performance by 3.7 percent.”

The i-NVMM tool has two additional benefits as well. First, its algorithm also detects idleness. That means any data not currently in use – such as your credit card number –automatically undergoes encryption. This makes i-NVMM even more secure than DRAM. Second, while 78 percent of the main memory encrypts when the computer is in use, the remaining 22 percent encrypts when you power down the computer.

“Basically, unless someone accesses your computer while you’re using it, all of your data is protected,” Solihin said.

i-NVMM relies on a self-contained encryption engine that incorporates into a computer’s memory module – and does not require changes to the computer’s processors. That means it can work with different processors and different systems.

“We’re now seeking industry partners who are interested in this technology,” Solihin said.

Leave a Reply

You must be logged in to post a comment.