Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
AESSE: a cold-boot resistant implementation of AES
Proceedings of the Third European Workshop on System Security
TRESOR runs encryption securely outside RAM
SEC'11 Proceedings of the 20th USENIX conference on Security
Security through amnesia: a software-based solution to the cold boot attack on disk encryption
Proceedings of the 27th Annual Computer Security Applications Conference
TreVisor: OS-independent software-based full disk encryption secure against main memory attacks
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Deadbolt: locking down android disk encryption
Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
PRIME: private RSA infrastructure for memory-less encryption
Proceedings of the 29th Annual Computer Security Applications Conference
Implementation and implications of a stealth hard-drive backdoor
Proceedings of the 29th Annual Computer Security Applications Conference
Beyond full disk encryption: protection on security-enhanced commodity processors
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Hard disk encryption is known to be vulnerable to a number of attacks that aim to directly extract cryptographic key material from system memory. Several approaches to preventing this class of attacks have been proposed, including Tresor [18] and LoopAmnesia [25]. The common goal of these systems is to confine the encryption key and encryption process itself to the CPU, such that sensitive key material is never released into system memory where it could be accessed by a DMA attack. In this work, we demonstrate that these systems are nevertheless vulnerable to such DMA attacks. Our attack, which we call Tresor-Hunt, relies on the insight that DMA-capable adversaries are not restricted to simply reading physical memory, but can write arbitrary values to memory as well. Tresor-Hunt leverages this insight to inject a ring 0 attack payload that extracts disk encryption keys from the CPU into the target system's memory, from which it can be retrieved using a normal DMA transfer. Our implementation of this attack demonstrates that it can be constructed in a reliable and OS-independent manner that is applicable to any CPU-bound encryption technique, IA32-based system, and DMA-capable peripheral bus. Furthermore, it does not crash the target system or otherwise significantly compromise its integrity. Our evaluation supports the OS-independent nature of the attack, as well as its feasibility in real-world scenarios. Finally, we discuss several countermeasures that might be adopted to mitigate this attack and render CPU-bound encryption systems viable.