Title: uMMU: Securing Data Confidentiality with Unobservable Memory Subsystem

Abstract: Ensuring data confidentiality in a computing system's memory hierarchy has proved to be a formidable challenge given the large attack surface. Diverse and powerful attacks threaten data confidentiality. Memory safety is notoriously hard to achieve with unsafe languages, which gives adversaries unauthorized memory access, as exemplified by the Heartbleed incident. More recently, microarchitectural side-channel attacks have become a prevalent threat to data confidentiality, affecting program execution even when it is safeguarded inside TEEs.
In this paper, we introduce an in-process memory subsystem called uMMU. uMMU coherently consolidates the notion of employing processor registers as unobservable storage with data confidentiality protection techniques such as memory encryption and Oblivious RAM (ORAM). uMMU creates a new address space, called the uVirtual address space, that is unobservable to adversaries. Under the abstraction created by uMMU, the processor's spacious extended registers, such as Intel x86's AVX512, are transformed into unobservable and addressable physical memory backing. Completing the virtual memory abstraction is memory management that maintains a secure swap space to which memory confidentiality policies such as encryption or ORAM are applied. uMMU is a versatile and powerful framework that can host data confidentiality policies on sensitive data. Our real-world evaluation indicates that uMMU significantly improves the performance of programs with encryption and ORAM schemes for sensitive data protection: an average of 69.93% improvement in encryption-based protection of sensitive data in MbedTLS, and 497.84% for ORAM-based elimination of access patterns on Memcached's hashtable.

Bio: Sam Breckenridge is a first-year PhD student working with Ari Juels. His research interests include security and privacy broadly, as well as blockchain systems and governance.