Sign In

Communications of the ACM

ACM TechNews

Protecting Data in the Cloud

View as: Print Mobile App Share:
An image of locked chips, indicating data security.

The new Ascend secure hardware component can disguise a server's memory-access patterns, which makes it impossible for an attacker to infer any details of the data stored in the server.

Credit: Christine Daniloff/MIT

Massachusetts Institute of Technology (MIT) researchers have developed Ascend, a type of secure hardware component that can disguise a server's memory-access patterns, making it impossible for an attacker to infer anything about the data being stored.

Ascend also stops timing attacks, which attempt to infer information from the amount of time that computations take.

"This is the first time that any hardware design has been proposed--it hasn’t been built yet--that would give you this level of security while only having about a factor of three or four overhead in performance," says MIT professor Srini Devadas.

The system involves arranging memory addresses in a data structure known as a tree. Every node in the tree lies along some path that starts at the top and passes from node to node, without backtracking, until arriving at a node with no further connections. Ascend prevents attackers from inferring anything from sequences of memory access by randomly swapping that address with one stored somewhere else in the tree. Therefore, accessing a single address multiple times will very rarely require traversing the same path.

From MIT News
View Full Article


Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account