Massachusetts Institute of Technology (MIT) researchers have developed Ascend, a type of secure hardware component that can disguise a server's memory-access patterns, making it impossible for an attacker to infer anything about the data being stored.
Ascend also stops timing attacks, which attempt to infer information from the amount of time that computations take.
"This is the first time that any hardware design has been proposed--it hasn’t been built yet--that would give you this level of security while only having about a factor of three or four overhead in performance," says MIT professor Srini Devadas.
The system involves arranging memory addresses in a data structure known as a tree. Every node in the tree lies along some path that starts at the top and passes from node to node, without backtracking, until arriving at a node with no further connections. Ascend prevents attackers from inferring anything from sequences of memory access by randomly swapping that address with one stored somewhere else in the tree. Therefore, accessing a single address multiple times will very rarely require traversing the same path.
From MIT News
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA