Spintronics based MRAM for Security using PUF
Despite such a growth, dynamic RAMs (DRAMs), which are based on semiconductor
technologies, face limitations in maintaining a significant growth rate. The charge leakage that
occurs when device sizes are scaled down causes an increase in power consumption. A
non-volatile memory, in contrast with dynamic RAMs, would not consume much more static
power. Because of their potentially lower power consumption and instant-on capability,
non-volatile memory technologies have been actively pursued, and the answer is MRAM.
A security mechanism is configured to prevent access without having to erase or modify (e.g.,
encrypt) data that is already stored in the data storage system, even when the data storage
system is rendered inoperable.
Background:
The security mechanism utilizes an encryption key which is stored in, or is generated from
information stored in, a non-volatile memory module, such as a magnetoresistive
random-access memory (MRAM) module, integrated in the data storage system. Data stored in the
MRAM module can be erased, written over, or otherwise rendered unrecoverable by
exposing the MRAM module to a suitable electromagnetic field. For example, data stored in
the MRAM module can be erased by degaussing, such as by using a degausser configured to
erase data stored in magnetic media.
As another example, the data storage system can comprise a magnetic field generator that can
be activated (e.g., by supplying external power) to erase data stored in the MRAM module.
Advantageously, by erasing data stored in the MRAM module, access to encrypted data
stored in the data storage system can be prevented even in cases when the data storage system
has failed or has otherwise been rendered inoperative or nonfunctional.
In other cases, the data storage system is configured to erase from the MRAM module or
otherwise render unrecoverable (e.g., written over) the encryption key or information from
which the encryption key is generated. For example, this can be performed in response to a
command (e.g., a vendor-specific command that is not part of the standard command interface
between a host system and the data storage system) received from a host system.
Once the key or information from which the key is generated is erased, encrypted data stored
in the data storage system cannot be decrypted, and access is prevented. As a result, the data
storage system is sanitized.
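An added example, not part of the original document, modelling the sanitization flow described above: the key is generated from information held in a small key store, the key store is overwritten, and the untouched ciphertext can no longer be read. `MramKeyStore`, `seal`, `unseal` and `sanitize_demo` are hypothetical names, and the HMAC-SHA256 counter-mode keystream with encrypt-then-MAC is a standard-library stand-in for whatever cipher a real drive uses.

```python
import hashlib
import hmac
import os

class MramKeyStore:
    """Hypothetical model of the MRAM module that holds the key material."""
    def __init__(self):
        self.cells = bytearray(os.urandom(32))

    def keys(self):
        # Keys are generated from the information stored in the module.
        seed = bytes(self.cells)
        return [hmac.new(seed, label, hashlib.sha256).digest() for label in (b"enc", b"mac")]

    def erase(self):
        # Models degaussing or the sanitize command: every cell is overwritten.
        self.cells[:] = bytes(len(self.cells))

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher (constructed for this example): HMAC-SHA256 counter mode.
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(
        hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest() for i in blocks)
    return bytes(d ^ s for d, s in zip(data, stream))

def seal(store, plaintext):
    enc_key, mac_key = store.keys()
    nonce = os.urandom(16)
    body = nonce + _xor_stream(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def unseal(store, blob):
    enc_key, mac_key = store.keys()
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("key material erased or data corrupted")
    return _xor_stream(enc_key, body[:16], body[16:])

def sanitize_demo(record=b"constructed sample record"):
    store = MramKeyStore()
    blob = seal(store, record)          # data at rest, encrypted under the MRAM-derived key
    before = unseal(store, blob)        # readable while the key material exists
    store.erase()                       # the stored ciphertext itself is never modified
    try:
        unseal(store, blob)
        return before, True
    except ValueError:
        return before, False
```

`sanitize_demo()` returns the record as read before erasure and a flag that is `False` once the key store has been wiped.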
Building Blocks:
MRAM
STT based MRAM
Physical Unclonable Function
Pretty Good Privacy
MRAM:
A typical MRAM cell has a transistor and a magnetoresistive element, quite like a DRAM cell,
which contains a transistor and a capacitor. While the charge stored in the capacitor of a
DRAM defines its memory state, the resistance of the magnetoresistive element determines the 1
and 0 states. A transistor is required for every MRAM cell because the absolute difference between
the resistances, and hence the voltages, of the two states is not high enough to function without a
transistor. Moreover, the transistor also provides the current required for the write operation.
STT based MRAM:
STT stands for spin-torque transfer. STT-MRAM is based on letting a current flow through the
magnetic tunnel junction (MTJ) device itself to switch the magnetization of the free layer. This means
that a current flowing through the device can both sense the resistance (the read operation)
and program the memory (the write operation). The current is seen as a set of spin-up and
spin-down electrons. While it flows through a non-magnetic material, nothing happens to either
population of electrons. Because STT-MRAM does not use any magnetic field, the write selectivity is
very precise (the spin-torque effect happens within a cell without influencing
surrounding ones), and magnetic interference is no longer present. The write current is also
much lower than the one required by field MRAM, and the architecture is simpler (multiple
wires are no longer needed to discriminate between read and write operations).
Physical Unclonable Function:
PUF stands for Physical Unclonable Function and identifies a well-known physical
characteristic which is associated univocally with a specific structure, like an integrated circuit, at
the physical level. The word physical is very important, since the idea behind a PUF is to rely
on specific parameters at the materials level constituting a given device to generate some
useful information for identification purposes. A PUF is a one-way function that, evaluated
for each chip of a production lot, considers process variation to generate a unique signature
for that chip and that chip only, solely based on the process variation itself. In particular:
Process variation is the random (thus unpredictable) input x to the PUF;
The generated output, y=f(x), is the signature of that given chip, and hopefully unique.
This response is then used for security- or identification-related goals. No more than one chip
can come with the same signature. The advantage of a PUF is that it is a one-way function: this
means that, starting from the input domain, it is possible to get a univocal result y=f(x),
but the result y is very difficult to invert. Given y, it is very
hard to find x.
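An added simulation, not part of the original document, of the property described above: per-cell resistance variation fixed at manufacture is the input x, and the response y is compared across chips (uniqueness) and across repeated reads of one chip (stability). The resistance figures, the noise level, the pairwise-comparison readout and all function names are assumptions chosen for illustration.

```python
import random

N_BITS = 256            # response length (assumed)
R_NOMINAL = 5000.0      # ohms, constructed nominal cell resistance
SIGMA_PROCESS = 250.0   # ohms, constructed cell-to-cell process variation
SIGMA_NOISE = 15.0      # ohms, constructed read noise

def manufacture(seed):
    """Fix the per-cell resistances once: this is the process variation x."""
    rng = random.Random(seed)
    return [rng.gauss(R_NOMINAL, SIGMA_PROCESS) for _ in range(2 * N_BITS)]

def read_response(cells, rng):
    """y = f(x): one bit per cell pair, set by which cell reads the higher resistance."""
    noisy = [r + rng.gauss(0.0, SIGMA_NOISE) for r in cells]
    return [int(noisy[2 * i] > noisy[2 * i + 1]) for i in range(N_BITS)]

def enroll(cells, rng, n_reads=9):
    """Reference signature: majority vote over repeated reads to suppress read noise."""
    reads = [read_response(cells, rng) for _ in range(n_reads)]
    return [int(2 * sum(col) > n_reads) for col in zip(*reads)]

def hamming_fraction(a, b):
    return sum(x != y for x, y in zip(a, b)) / len(a)

def evaluate(n_chips=8, seed=1):
    """Return (mean intra-chip distance, mean inter-chip distance, min inter-chip distance)."""
    rng = random.Random(seed)
    chips = [manufacture(1000 + i) for i in range(n_chips)]
    refs = [enroll(c, rng) for c in chips]
    # Same chip, fresh read: should stay close to its enrolled signature.
    intra = [hamming_fraction(refs[i], read_response(c, rng)) for i, c in enumerate(chips)]
    # Different chips: signatures should differ in about half of their bits.
    inter = [hamming_fraction(refs[i], refs[j])
             for i in range(n_chips) for j in range(i + 1, n_chips)]
    return sum(intra) / len(intra), sum(inter) / len(inter), min(inter)
```

A usable PUF shows an intra-chip distance near 0 and an inter-chip distance near 0.5; bits whose two cells have nearly equal resistance are the ones that flip between reads.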
Pretty Good Privacy:
PGP stands for Pretty Good Privacy, invented by Phil Zimmermann. PGP was designed to
provide all four aspects of security, i.e., privacy, integrity, authentication, and non-
repudiation. It uses a digital signature (a combination of hashing and public key encryption)
to provide integrity, authentication, and non-repudiation. PGP uses a combination of secret
key encryption and public key encryption to provide privacy. Therefore, we can say that the
digital signature uses one hash function, one secret key, and two private-public key pairs.
These are the steps to be followed to apply PGP policy for the data at rest.
A common method for encrypting and decrypting data is PGP (Pretty Good Privacy).
PGP uses symmetric and asymmetric keys to encrypt data being transferred across networks.
Asymmetric encryption uses two different keys for encryption and decryption; both
keys are derived from one another and created at the same time. They are referred to as
the public key and the private key, which together make up the key pair. Data is encrypted only
with a public key and thus can be decrypted only with the matching private key. PGP
provides additional security that prevents anyone who has only the public key from
decrypting data which was previously encrypted with it. Another benefit of asymmetric
encryption is that it allows an authentication check. This seemed to be a viable option, but with
some limitations.
PGP is mainly beneficial when sensitive data is exchanged between partners,
essentially when the information is shared over the network. It works well when the goal is
public key cryptography. Moreover, PGP requires more computational resources,
which can lead to performance issues and make the process cumbersome.