Side-channel attacks on secure encrypted virtualization (sev)-encrypted state (sev-es) processors
US-2023059273-A1 · Feb 23, 2023 · US
Methods and systems for protecting against memory-based side-channel attacks
US12177328B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12177328-B2 |
| Application number | US-202217723711-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 19, 2022 |
| Priority date | Apr 22, 2021 |
| Publication date | Dec 24, 2024 |
| Grant date | Dec 24, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments protect against memory-based side-channel attacks by efficiently shuffling data. In an example implementation, in response to a data access request by an encryption methodology regarding a first data element from amongst a plurality of data elements stored in memory, a storage address of a second data element of the plurality is determined. This storage address is determined using (i) an address of the first data element in the memory, (ii) a permutation function, and (iii) a random number. In turn, the first data element is stored at the determined storage address of the second data element and the second data element is stored at the address of the first data element. In this way, embodiments protect encryption methodologies from memory-based side-channel attacks.
First claim
Opening claim text (preview).
What is claimed is: 1. A method of protecting against memory-based side-channel attacks, the method comprising: in response to a data access request by an encryption methodology regarding a first data element from amongst a plurality of data elements stored in memory: determining a storage address of a second data element of the plurality using (i) an address of the first data element in the memory, (ii) a permutation function, and (iii) a random number; storing the first data element at the determined storage address of the second data element and storing the second data element at the address of the first data element, thereby protecting the encryption methodology from memory-based side-channel attacks; and tracking update status for each of the plurality of data elements by creating a bit-map wherein each of the plurality of data elements has an associated one-bit indicator of permutation status. 2. The method of claim 1 , further comprising, in response to the request: servicing the request by providing the first data element to the encryption methodology. 3. The method of claim 1 wherein the permutation function is an exclusive or (XOR) function. 4. The method of claim 1 , wherein update status is associated with storage addresses of the plurality of data elements. 5. The method of claim 1 wherein the random number is a second random number and the method further comprises: prior to receipt of the request, storing each of the plurality of data elements at random locations in the memory, wherein each random location is a function of a first random number. 6. The method of claim 5 further comprising: specifying a region in the memory, wherein the random locations are in the specified region in the memory. 7. The method of claim 1 further comprising: iterating the determining and storing for each of a plurality of requests; and in at least one given iteration, modifying the random number. 8. The method of claim 7 further comprising: selecting the at least one given iteration, in which to modify the random number, as a function of the encryption methodology. 9. The method of claim 1 further comprising: storing each of the plurality of data elements at addresses determined using (i) the data elements address, (ii) the permutation function, and (iii) the random number; and updating the random number. 10. The method of claim 9 wherein the storing of each of the plurality of data elements and the updating the random number is performed in accordance with an epoch length, where epoch length is in terms of a number of requests to access the plurality of data elements. 11. The method of claim 1 further comprising: specifying a safe region in the memory; and loading each of the plurality of data elements to addresses in the specified region, wherein the addresses are a function of an initial random number. 12. The method of claim 1 wherein the random number is a first random number and each of the plurality of data elements is stored at an address that is a function of the first random number or a second random number. 13. The method of claim 12 wherein size and range of the first random number and second random number is determined by a platform microarchitecture, cache structure, and function of the encryption methodology. 14. A computer system for protecting against memory-based side-channel attacks, the system comprising: a processor; and a memory with computer code instructions stored thereon, the processor and the memory, with the computer code instructions, being configured to cause the system to: in response to a data access request by an encryption methodology regarding a first data element from amongst a plurality of data elements stored in memory: determine a storage address of a second data element of the plurality using (i) an address of the first data element in the memory, (ii) a permutation function, and (iii) a random number; store the first data element at the determined storage address of the second data element and store the second data element at the address of the first data element, thereby protecting the encryption methodology from memory-based side-channel attacks; and track update status for each of the plurality of data elements by creating a bit-map wherein each of the plurality of data elements has an associated one-bit indicator of permutation status. 15. The system of claim 14 wherein update status is associated with storage addresses of the plurality of data elements. 16. The system of claim 14 wherein the processor and the memory, with the computer code instructions, are further configured to cause the system to: iterate the determining and storing for each of a plurality of requests; and in at least one given iteration, modify the random number. 17. The system of claim 14 wherein the processor and the memory, with the computer code instructions, are further configured to cause the system to: specify a safe region in the memory; and load each of the plurality of data elements to addresses in the specified region, wherein the addresses are a function of an initial random number. 18. The system of claim 14 wherein the permutation function is an exclusive or (XOR) function. 19. A computer program product for protecting against memory-based side-channel attacks, the computer program product comprising: one or more non-transitory computer-readable storage devices and program instructions stored on at least one of the one or more storage devices, the program instructions, when loaded and executed by a processor, cause an apparatus associated with the processor to: in response to a data access request by an encryption methodology regarding a first data element from amongst a plurality of data elements stored in memory: determine a storage address of a second data element of the plurality using (i) an address of the first data element in the memory, (ii) a permutation function, and (iii) a random number; store the first data element at the determined storage address of the second data element and store the second data element at the address of the first data element, thereby protecting the encryption methodology from memory-based side-channel attacks; and update status for each of the plurality of data elements by creating a bit-map wherein each of the plurality of data elements has an associated one-bit indicator of permutation status.
Assignees
Inventors
Classifications
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12177328B2 cover?
- Embodiments protect against memory-based side-channel attacks by efficiently shuffling data. In an example implementation, in response to a data access request by an encryption methodology regarding a first data element from amongst a plurality of data elements stored in memory, a storage address of a second data element of the plurality is determined. This storage address is determined using (…
- Who is the assignee on this patent?
- Univ Northeastern
- What technology area does this patent fall under?
- Primary CPC classification H04L9/005. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Dec 24 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).