Lightning talk for HPCA 2018.
Full paper: www.cs.utah.edu/~rajeev/pubs/h...
"Secure DIMM: Moving ORAM Primitives Closer to Memory", Ali Shafiee, Rajeev Balasubramonian, Mohit Tiwari, Feifei Li, 24th International Symposium on High-Performance Computer Architecture (HPCA-24) , Vienna, Austria, February 2018.
Paper abstract:
As more critical applications move to the cloud, there is
a pressing need to provide privacy guarantees for data and
computation. While cloud infrastructures are vulnerable to a
variety of attacks, in this work, we focus on an attack model
where an untrusted cloud operator has physical access to the
server and can monitor the signals emerging from the processor
socket. Even if data packets are encrypted, the sequence of
addresses touched by the program serves as an information
side channel. To eliminate this side channel, Oblivious RAM
constructs have been investigated for decades, but continue
to pose large overheads. In this work, we make the case that
ORAM overheads can be significantly reduced by moving some
ORAM functionality into the memory system. We first design
a secure DIMM (or SDIMM) that uses commodity low-cost
memory and an ASIC as a secure buffer chip. We then design
two new ORAM protocols that leverage SDIMMs to reduce
bandwidth, latency, and energy per ORAM access. In both
protocols, each SDIMM is responsible for part of the ORAM
tree. Each SDIMM performs a number of ORAM operations
that are not visible to the main memory channel. By having
many SDIMMs in the system, we are able to achieve highly
parallel ORAM operations. The main memory channel uses
its bandwidth primarily to service blocks requested by the
CPU, and to perform a small subset of the many shuffle
operations required by conventional ORAM. The new protocols
guarantee the same obliviousness properties as Path ORAM.
On a set of memory-intensive workloads, our two new ORAM
protocols - Independent ORAM and Split ORAM - are able to
improve performance by 1.9× and energy by 2.55×, compared
to Freecursive ORAM.
13 фев 2018
