Field of the Disclosure
The present disclosure relates generally to processing systems utilizing memory for data storage and, more particularly, to processing systems utilizing encrypted memory.
Description of the Related Art
The use of encrypted memory (that is, where the contents of memory are encrypted) has been proposed as a way to enhance security in settings where the data owner does not have physical control over the hardware used for execution. However, conventional approaches to encrypted memory are vulnerable to rudimentary attack techniques due to the need to individually and separately encrypt cache lines in view of the unpredictability of memory accesses, and the constraints of the typical processor-memory architecture.
Conventional encrypted memory implementations typically rely on electronic codebook (ECB)-based encryption schemes in which the data to be stored in the memory is encrypted solely as a function of the data and the encryption key to be used. This approach has a number of weaknesses, such as the fact that any two cache lines that have the same plaintext result in the same ciphertext, which can leak information about the data to an observer of the encrypted data. Such information makes ECB prone to “dictionary” attacks in which statistical properties of the data may be used to infer information about the encrypted data and possibly to even decipher the encryption key used to encrypt the data. Another weakness of conventional ECB-based encrypted memory implementations is that they are prone to data “injection” attacks in which an attacker injects traffic onto the interconnect between the processor and the memory that can corrupt or overwrite the encrypted data. To thwart such attacks, conventional encrypted memory systems often rely on the generation of tree-based structures over the entire contents of the memory, and thus requiring many memory accesses to authenticate each load operation or store operation.