research-article

Public Access

Bonsai Merkle Forests: Efficiently Achieving Crash Consistency in Secure Persistent Memory

Authors:

Alexander Freij,

Yan SolihinAuthors Info & Claims

MICRO '21: MICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture

Pages 1227 - 1240

https://doi.org/10.1145/3466752.3480067

Published: 17 October 2021 Publication History

All formats PDF

Abstract

Due to its durability, the security of persistent memory (PM) needs to be ensured. Recent works have identified the requirements for correctly architecting secure PM to achieve crash recoverability. A key performance bottleneck, however, lies in the integrity tree update, which needs to be consistent with the memory persistency model and incurs a very high performance overhead. In this paper, we aim to drastically reduce this performance overhead.

First, we propose to leverage a small on-chip non-volatile metadata cache (nvMC) for keeping a small portion of the integrity tree. We show that nvMC cannot be managed like a regular cache due to violating crash recoverability, and hence derive a set of invariants to be satisfied for the nvMC to work properly. Then, we propose the idea of Bonsai Merkle Forests (BMF), which splits an integrity tree into multiple trees, leading to a forest, with the tree roots maintained in the nvMC. We propose and analyze different ways of BMF management. Our experimental results show that our proposed BMF schemes drastically reduce the performance overhead of BMT root updates, from 426% to just 3.5%.

References

[1]

Mohammad Alshboul, Prakash Ramrakhyani, William Wang, James Tuck, and Yan Solihin. 2021. BBB: Simplifying Persistent Programming using Battery-Backed Buffers. In The 27th IEEE International Symposium on High-Performance Computer Architecture (HPCA-27).

[2]

Mohamad Alshboul, James Tuck, and Yan Solihin. 2018. Lazy Persistency: A High-Performing and Write-Efficient Software Persistency Technique. In 2018 ACM/IEEE 45th Annual International Symposium on Computer Architecture (ISCA).

[3]

M. Alwadi, K. Zubair, D. Mohaisen, and A. Awad. 2020. Phoenix: Towards Ultra-Low Overhead, Recoverable, and Persistently Secure NVM. IEEE Transactions on Dependable and Secure Computing (2020).

[4]

AMD. 2020. AMD SEV-SNP: Strengthening VM Isolation with Integrity Protection and More. (2020).

[5]

Amro Awad, Laurent Njilla, and Mao Ye. 2019. Triad-NVM: Persistent-Security for Integrity-Protected and Encrypted Non-Volatile Memories (NVMs). In Proceedings of the 46th International Symposium on Computer Architecture.

Digital Library

[6]

Nathan Binkert, Bradford Beckmann, Gabriel Black, Steven K. Reinhardt, Ali Saidi, Arkaprava Basu, Joel Hestness, Derek R. Hower, Tushar Krishna, Somayeh Sardashti, Rathijit Sen, Korey Sewell, Muhammad Shoaib, Nilay Vaish, Mark D. Hill, and David A. Wood. 2011. The Gem5 Simulator. SIGARCH Comput. Archit. News(2011).

[7]

Guy E. Blelloch, Phillip B. Gibbons, Yan Gu, Charles McGuffey, and Julian Shun. 2018. The Parallel Persistent Memory Model. In Proceedings of the 30th on Symposium on Parallelism in Algorithms and Architectures.

Digital Library

[8]

Dhruva R. Chakrabarti, Hans-J. Boehm, and Kumud Bhandari. 2014. Atlas: Leveraging Locks for Non-volatile Memory Consistency. In Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications.

Digital Library

[9]

Siddhartha Chhabra, Brian Rogers, and Yan Solihin. 2009. SHIELDSTRAP: Making Secure Processors Truly Secure. In Proceedings of the 2009 IEEE International Conference on Computer Design.

[10]

Siddartha Chhabra and Yan Solihin. 2011. i-NVMM: A secure non-volatile main memory system with incremental encryption. In 2011 38th Annual International Symposium on Computer Architecture (ISCA).

Digital Library

[11]

Jeremy Condit, Edmund B. Nightingale, Christopher Frost, Engin Ipek, Benjamin Lee, Doug Burger, and Derrick Coetzee. 2009. Better I/O Through Byte-addressable, Persistent Memory. In Proceedings of the ACM SIGOPS 22Nd Symposium on Operating Systems Principles.

Digital Library

[12]

Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. Cryptology ePrint Archive, Report 2016/086.

[13]

Subramanya R. Dulloor, Sanjay Kumar, Anil Keshavamurthy, Philip Lantz, Dheeraj Reddy, Rajesh Sankaran, and Jeff Jackson. 2014. System Software for Persistent Memory. In Proceedings of the Ninth European Conference on Computer Systems.

Digital Library

[14]

Alexander Freij, Shougang Yuan, Huiyang Zhou, and Yan Solihin. 2020. Persist Level Parallelism: Streamlining Integrity Tree Updates for Secure Persistent Non-Volatile Memory. In Proceedings of the 53rd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[15]

Blaise Gassend, G. Edward Suh, Dwaine Clarke, Martin van Dijk, and Srinivas Devadas. 2003. Caches and hash trees for efficient memory integrity verification. In The Ninth International Symposium on High-Performance Computer Architecture, 2003. HPCA-9 2003. Proceedings.

[16]

J. Halderman, S. Schoen, N. Heninger, W. Clarkson, W. Paul, J. Calandrino, A. Feldman, J. Appelbaum, and E. Felten. 2008. Lest We Remember: Cold Boot Attacks on Encryption Keys. In USENIX Security Symposium.

[17]

John L. Henning. 2006. SPEC CPU2006 Benchmark Descriptions. SIGARCH Comput. Archit. News(2006).

[18]

Intel. 2015. Intel and Micron Produce Breakthrough Memory Technology. (2015).

[19]

Intel. 2021. Intel® Architecture Memory Encryption Technologies. (2021).

[20]

David Kaplan, Jeremy Powell, and Tom Woller. 2016. AMD Memory Encryption. (2016).

[21]

R. B. Lee, P. C. S. Kwan, J. P. McGregor, J. Dwoskin, and Zhenghong Wang. 2005. Architecture for protecting critical secrets in microprocessors. In 32nd International Symposium on Computer Architecture (ISCA’05).

Digital Library

[22]

Tamara Silbergleit Lehman, Andrew D. Hilton, and Benjamin C. Lee. 2016. PoisonIvy: Safe Speculation for Secure Memory. In The 49th Annual IEEE/ACM International Symposium on Microarchitecture.

[23]

Chen Liu and Chengmo Yang. 2015. Secure and Durable (SEDURA): An Integrated Encryption and Wear-leveling Framework for PCM-based Main Memory. In Proceedings of the 16th ACM SIGPLAN/SIGBED Conference on Languages, Compilers and Tools for Embedded Systems 2015 CD-ROM.

Digital Library

[24]

Sihang Liu, Aasheesh Kolli, Jinglei Ren, and Samira Manabi Khan. 2018. Crash Consistency in Encrypted Non-volatile Main Memory Systems. 2018 IEEE International Symposium on High Performance Computer Architecture (HPCA) (2018).

[25]

Sihang Liu, Korakit Seemakhupt, Gennady Pekhimenko, Aasheesh Kolli, and Samira Khan. 2019. Janus: Optimizing Memory and Storage Support for Non-volatile Memory Systems. In Proceedings of the 46th International Symposium on Computer Architecture(ISCA ’19).

Digital Library

[26]

Sanketh Nalli, Swapnil Haria, Mark D. Hill, Michael M. Swift, Haris Volos, and Kimberly Keeton. 2017. An Analysis of Persistent Memory Use with WHISPER. In Proceedings of the Twenty-Second International Conference on Architectural Support for Programming Languages and Operating Systems.

Digital Library

[27]

Xiang Pan, Anys Bacha, Spencer Rudolph, Li Zhou, Yinqian Zhang, and Radu Teodorescu. 2018. NVCool: When Non-Volatile Caches Meet Cold Boot Attacks. 2018 IEEE 36th International Conference on Computer Design (ICCD) (2018).

[28]

Steven Pelley, Peter Chen, and Thomas Wenisch. 2014. Memory Persistency. In Proceeding of the 41st Annual International Symposium on Computer Architecuture (ISCA).

[29]

Joydeep Rakshit and Kartik Mohanram. 2017. ASSURE: Authentication Scheme for SecURE Energy Efficient Non-Volatile Memories. In Proceedings of the 54th Annual Design Automation Conference 2017.

Digital Library

[30]

Brian Rogers, Siddhartha Chhabra, Milos Prvulovic, and Yan Solihin. 2007. Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS- and Performance-Friendly. 40th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

Digital Library

[31]

Brian Rogers, Milos Prvulovic, and Yan Solihin. 2006. Efficient Data Protection for Distributed Shared Memory Multiprocessors. In Proceedings of the 15th International Conference on Parallel Architectures and Compilation Techniques.

Digital Library

[32]

Brian Rogers, Chenyu Yan, Siddhartha Chhabra, Milos Prvulovic, and Yan Solihin. 2008. Single-Level Integrity and Confidentiality Protection for Distributed Shared Memory Multiprocessors. In in Proceedings of the 14th International Symposium on High Performance Computer Architecture (HPCA-14.

[33]

Andy Rudoff. 2016. Deprecating the PCOMMIT Instruction. (2016).

[34]

Andy Rudoof. [n. d.]. Persistent Memory Programming Without All That Cache Flushing. In SDC 2020.

[35]

Steve Scargall. 2020. Programming Persistent Memory: A Comprehensive Guide for Developers.

[36]

Seunghee Shin, Satish Kumar Tirukkovalluri, James Tuck, and Yan Solihin. 2017. Proteus: A Flexible and Fast Software Supported Hardware Logging Approach for NVM. In Proceedings of the 50th Annual IEEE/ACM International Symposium on Microarchitecture.

Digital Library

[37]

Seunghee Shin, James Tuck, and Yan Solihin. 2017. Hiding the Long Latency of Persist Barriers Using Speculative Execution. In Proceedings of the 44th Annual International Symposium on Computer Architecture.

Digital Library

[38]

G. Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, and Srinivas Devadas. 2003. Efficient Memory Integrity Verification and Encryption for Secure Processors. In Proceedings. 36th Annual IEEE/ACM International Symposium on Microarchitecture, 2003. MICRO-36.

[39]

G. E. Suh, C. W. O’Donnell, and S. Devadas. 2007. AEGIS: A Single-Chip Secure Processor. IEEE Design Test of Computers(2007).

[40]

S. Swami and K. Mohanram. 2018. ACME: Advanced Counter Mode Encryption for Secure Non-Volatile Memories. In 2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC).

[41]

Shivam Swami and Kartik Mohanram. 2018. ARSENAL: Architecture for Secure Non-Volatile Memories. Computer Architecture Letters(2018).

[42]

Jakub Szefer and Sebastian Biedermann. 2014. Towards Fast Hardware Memory Integrity Checking with Skewed Merkle Trees. In Proceedings of the Third Workshop on Hardware and Architectural Support for Security and Privacy.

Digital Library

[43]

Meysam Taassori, Rajeev Balasubramonian, Siddhartha Chhabra, Alaa R. Alameldeen, Manjula Peddireddy, Rajat Agarwal, and Ryan Stutsman. 2020. Compact Leakage-Free Support for Integrity and Reliability. In 2020 ACM/IEEE 47th Annual International Symposium on Computer Architecture (ISCA).

[44]

Meysam Taassori, Ali Shafiee, and Rajeev Balasubramonian. 2018. VAULT: Reducing Paging Overheads in SGX with Efficient Integrity Verification Structures. In Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems.

Digital Library

[45]

David Lie Chandramohan Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, and Mark Horowitz. 2000. Architectural Support for Copy and Tamper Resistant Software. In Proceedings of the Ninth International Conference on Architectural Support for Programming Languages and Operating Systems.

Digital Library

[46]

S. Vig, R. Juneja, and S. Lam. 2020. DISSECT: Dynamic Skew-and-Split Tree for Memory Authentication. In 2020 Design, Automation Test in Europe Conference Exhibition (DATE).

[47]

Chenyu Yan, Daniel Englender, Milos Prvulovic, Brian Rogers, and Yan Solihin. 2006. Improving Cost, Performance, and Security of Memory Encryption and Authentication. In Proceedings of the 33rd Annual International Symposium on Computer Architecture (ISCA).

Digital Library

[48]

Jun Yang, Youtao Zhang, and Lan Gao. 2003. Fast Secure Processor for Inhibiting Software Piracy and Tampering. In Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture.

Digital Library

[49]

Mao Ye, Clayton Huges, and Amro Awad. 2018. Osiris: A Low-Cost Mechanism to Enable Restoration of Secure Non-Volatile Memories. In 51st Annual IEEE/ACM International Symposium on Microarchitecture.

Digital Library

[50]

Kazi Abu Zubair and Amro Awad. 2019. Anubis: Ultra-low Overhead and Recovery Time for Secure Non-volatile Memories. In Proceedings of the 46th International Symposium on Computer Architecture.

Digital Library

[51]

Pengfei Zuo, Yu Hua, and Yuan Xie. 2019. SuperMem: Enabling Application-transparent Secure Persistent Memory with Low Overheads. In Proceedings of the 52Nd Annual IEEE/ACM International Symposium on Microarchitecture.

Digital Library

Cited By

Thomas SWorkneh KMcCarty JIzraelevitz JLehman TBahar RTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)A Midsummer Night’s Tree: Efficient and High Performance Secure SCMProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3620666.3651354(22-37)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620666.3651354
Shadab RZou YGandham SAwad ALin M(2024)A Secure Computing System With Hardware-Efficient Lazy Bonsai Merkle Tree for FPGA-Attached Embedded MemoryIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.332493521:4(3262-3279)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3324935
Wang YHe JSun KDong YChen JMa CZhou AMao R(2024)Boosting Write Performance of KV Stores: An NVM - Enabled Storage Collaboration Approach2024 IEEE 40th International Conference on Data Engineering (ICDE)10.1109/ICDE60146.2024.00166(2082-2095)Online publication date: 13-May-2024
https://doi.org/10.1109/ICDE60146.2024.00166
Show More Cited By

Recommendations

Crash recoverable ARMv8-oriented B+-tree for byte-addressable persistent memory
LCTES 2019: Proceedings of the 20th ACM SIGPLAN/SIGBED International Conference on Languages, Compilers, and Tools for Embedded Systems

The byte-addressable non-volatile memory (NVM) promises persistent memory. Concretely, ARM processors have incorporated architectural supports to utilize NVM. In this paper, we consider tailoring the important B+-tree for NVM operated by a 64-bit ARMv8 ...
Achieving crash consistency by employing persistent L1 cache
DATE '22: Proceedings of the 2022 Conference & Exhibition on Design, Automation & Test in Europe

Emerging non-volatile memory technologies promise the opportunity for maintaining persistent data in memory. However, providing crash-consistency in such systems can be costly as any update to the persistent data has to reach the persistent domain in a ...
Scalable crash consistency for secure persistent memory
DAC '22: Proceedings of the 59th ACM/IEEE Design Automation Conference

Persistent memory (PM) suffers from data security and crash consistency issues due to non-volatility. Counter-mode encryption (CME) and bonsai merkle tree (BMT) have been adopted to ensure data security by using security metadata. The data and its ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

MICRO '21: MICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture

October 2021

1322 pages

ISBN:9781450385572

DOI:10.1145/3466752

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMICRO: ACM Special Interest Group on Microarchitectural Research and Processing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 October 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

NSF (National Science Foundation)

Conference

MICRO '21

Sponsor:

SIGMICRO

MICRO '21: 54th Annual IEEE/ACM International Symposium on Microarchitecture

October 18 - 22, 2021

Virtual Event, Greece

Acceptance Rates

Overall Acceptance Rate 484 of 2,242 submissions, 22%

Upcoming Conference

MICRO '24

Sponsor:
sigmicro

57th Annual IEEE/ACM International Symposium on Microarchitecture

November 2 - 6, 2024

Austin , TX , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
974
Total Downloads

Downloads (Last 12 months)346
Downloads (Last 6 weeks)48

Reflects downloads up to 15 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Thomas SWorkneh KMcCarty JIzraelevitz JLehman TBahar RTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)A Midsummer Night’s Tree: Efficient and High Performance Secure SCMProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3620666.3651354(22-37)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620666.3651354
Shadab RZou YGandham SAwad ALin M(2024)A Secure Computing System With Hardware-Efficient Lazy Bonsai Merkle Tree for FPGA-Attached Embedded MemoryIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.332493521:4(3262-3279)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3324935
Wang YHe JSun KDong YChen JMa CZhou AMao R(2024)Boosting Write Performance of KV Stores: An NVM - Enabled Storage Collaboration Approach2024 IEEE 40th International Conference on Data Engineering (ICDE)10.1109/ICDE60146.2024.00166(2082-2095)Online publication date: 13-May-2024
https://doi.org/10.1109/ICDE60146.2024.00166
Shadab RZou YLin M(2024)CTR+: A High-Performance Metadata Access Scheme for Secure Embedded Memory in Heterogeneous Computing Systems2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)10.1109/HOST55342.2024.10545394(304-308)Online publication date: 6-May-2024
https://doi.org/10.1109/HOST55342.2024.10545394
Feng EDu DXia YChen H(2023)Efficient Distributed Secure Memory with Migratable Merkle Tree2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10071130(347-360)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10071130
Freij AZhou HSolihin Y(2023)SecPB: Architectures for Secure Non-Volatile Memory with Battery-Backed Persist Buffers2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10071082(677-690)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10071082
Huang JHua Y(2023)Root Crash Consistency of SGX-style Integrity Trees in Secure Non-Volatile Memory Systems2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10071003(152-164)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10071003
Chowdhuryy MJung MYao FAwad A(2023)D-Shield: Enabling Processor-side Encryption and Integrity Verification for Secure NVMe Drives2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10070924(908-921)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10070924
Shadab RZou YGandham SLin M(2023)OMT: A Run-time Adaptive Architectural Framework for Bonsai Merkle Tree-Based Secure Authentication with Embedded Heterogeneous Memory2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)10.1109/HOST55118.2023.10133074(191-202)Online publication date: 1-May-2023
https://doi.org/10.1109/HOST55118.2023.10133074
Kim JLee WHong JKim S(2022)Efficient Integrity-Tree Structure for Convolutional Neural Networks through Frequent Counter Overflow Prevention in Secure MemoriesSensors10.3390/s2222876222:22(8762)Online publication date: 13-Nov-2022
https://doi.org/10.3390/s22228762
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents