Flexible In-NAND Cryptographic Processing for Secure Flash Storage

TL;DR

FlashVault introduces an in-NAND self-encryption architecture embedding reconfigurable cryptographic engines into 4D V-NAND chips, enabling secure, area-efficient, and high-performance encryption and digital signatures within flash storage devices.

Contribution

It is the first to embed reconfigurable cryptographic engines directly into NAND flash chips, supporting diverse algorithms without off-chip encryption overhead.

Findings

Outperforms CPU-based encryption by 1.46 to 3.45 times.

Supports block ciphers, public-key, and post-quantum algorithms.

Operates as a self-contained, secure NAND chip enclave.

Abstract

We present FlashVault, an in-NAND self-encryption architecture that embeds a reconfigurable cryptographic engine into the unused silicon area of a state-of-the-art 4D V-NAND structure. FlashVault supports not only block ciphers for data encryption but also public-key and post-quantum algorithms for digital signatures, all within the NAND flash chip. This design enables each NAND chip to operate as a self-contained enclave without incurring area overhead, while eliminating the need for off-chip encryption. We implement FlashVault at the register-transfer level (RTL) and perform place-and-route (P&R) for accurate power/area evaluation. Our analysis shows that the power budget determines the number of cryptographic engines per NAND chip. We integrate this architectural choice into a full-system simulation and evaluate its performance on a wide range of cryptographic algorithms. Our results show that FlashVault consistently outperforms both CPU-based encryption (1.46~3.45x) and near-core processing architecture (1.02~2.01x), demonstrating its effectiveness as a secure SSD architecture that meets diverse cryptographic requirements imposed by regulatory standards and enterprise policies.