A Novel Approach of Data Content Zeroization Under Memory Attacks

Abstract

Protecting user’s secret data on the devices like smartphones, tablets, wearable devices etc, from memory attacks is always a challenge for system designers. The most stringent security requirements and protocols in today’s state-of-the-art systems are governed by Federal Information Processing Standards (FIPS). Specifically, it ensures the protection of sensitive data by erasing them from random access memories (RAMs) and associated flip-flip based registers, as soon as security violation(s) is(are) detected. Traditionally, the sensitive data like authentication credentials, cryptographic keys and other on-chip secrets are erased (or zeroized) by sequential write transactions initiated either by dedicated hardware or using software programs. This paper, for the first time, proposes a novel approach of erasing secured data content from on-chip RAMs using conventional memory built-in-self-test (MBIST) hardware in mission mode. The proposed zeroization approach is proved to be substantially faster than the traditional techniques in erasing data content. As it helps in re-using Memory BIST hardware for on-chip data content zeroization, this guarantees to save silicon area and power by removing dedicated conventional hardware from the device. This paper also discusses the micro-architectural implementation and security challenges of using Memory BIST hardware in mission mode and proposes practical solutions to fill the gaps.