Data confidentiality, integrity, and persistence are essential in secure nonvolatile memory (NVM) systems. However, coupling authenticated memory encryption with security metadata persistence incurs nonnegligible performance overheads. Particularly, the integrity update process for the metadata cache bottlenecks execution performance. In this article, we propose Cachet, a novel integrity verification scheme. Instead of integrity trees, which require multiple hash calculations to update their integrity, Cachet employs set hash functions to authenticate the metadata cache. The observation that underlies Cachet is that the integrity of the metadata cache is never verified at runtime, and the recovery process necessitates the restoration of all data within the metadata cache. Cachet allows the metadata integrity update with two parallel hash calculations, without imposing additional overheads during system recovery. Our evaluation results show that Cachet reduces execution time by 21%, NVM writes by 30%, and power consumption overheads by 22% compared to state-of-the-art solutions.

中文翻译：

---

Cachet：安全非易失性内存系统中元数据缓存的低开销完整性验证

数据机密性、完整性和持久性对于安全非易失性存储器 (NVM) 系统至关重要。然而，将经过身份验证的内存加密与安全元数据持久性相结合会带来不可忽视的性能开销。特别是，元数据缓存的完整性更新过程成为执行性能的瓶颈。在本文中，我们提出了 Cachet，一种新颖的完整性验证方案。 Cachet 使用集合哈希函数来验证元数据缓存，而不是需要多次哈希计算来更新其完整性的完整性树。 Cachet 背后的观察结果是，元数据缓存的完整性在运行时从未得到验证，并且恢复过程需要恢复元数据缓存内的所有数据。 Cachet 允许通过两个并行哈希计算进行元数据完整性更新，而不会在系统恢复期间施加额外的开销。我们的评估结果表明，与最先进的解决方案相比，Cachet 将执行时间减少了 21%，NVM 写入减少了 30%，功耗开销减少了 22%。