Securing Memory Will Take More Than Cryptography Alone

By Scott Best, Rambus (March 3, 2023)

Advances in computing, storage and memory pave the way for a variety of innovations, from advanced sensor-fusion to autonomous driving and machine learning (ML). But with new technology comes new threats, and as memory evolves, so does the opportunity for cybercrime.

In traditional compute settings, small, secret algorithms could be confined primarily into on-chip memory within secure processor enclaves. But in state-of-the-art artificial intelligence (AI) and ML algorithms, the large size of the dataset often means most of the data resides in off-chip dynamic random-access memory (DRAM). Unfortunately, this memory is easier for adversaries to attack. Concerns about “data as IP” also extend to multi-tenant environments, where multiple virtual machines (VMs) simultaneously share the same physical memory. So-called “cross-VM attacks” (e.g., rowhammer as a tool for denial-of-service of even privilege escalation) are of increasing concern.

Traditional endpoint security can’t defend against memory-based attacks because they can occur invisibly, external to the chip. For example, there are dozens of inline DRAM socket testers and traffic analyzers that could be repurposed for copying DRAM contents, inserting malicious traffic, or even replaying authentic-but-obsolete DRAM traffic

To read the full article, click here