Exploiting social networks for threshold signing: attack-resilience vs. availability
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A method for safekeeping cryptographic keys from memory disclosure attacks
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Universal serial bus based software attacks and protection solutions
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Eternal sunshine of the spotless machine: protecting privacy with ephemeral channels
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
RowClone: fast and energy-efficient in-DRAM bulk data copy and initialization
Proceedings of the 46th Annual IEEE/ACM International Symposium on Microarchitecture
Security-Preserving Live Migration of Virtual Machines in the Cloud
Journal of Network and Systems Management
Hi-index | 0.00 |
Cryptography has become an indispensable mechanism for securing systems, communications and applications. While offering strong protection, cryptography makes the assumption that cryptographic keys are kept absolutely secret. In general this assumption is very difficult to guarantee in real life because computers may be compromised relatively easily. In this paper we investigate a class of attacks, which exploit memory disclosure vulnerabilities to expose cryptographic keys. We demonstrate that the threat is real by formulating an attack that exposed the private key of an OpenSSH server within 1 minute, and exposed the private key of an Apache HTTP server within 5 minutes. We propose a set of techniques to address such attacks. Experimental results show that our techniques are efficient (i.e., imposing no performance penalty) and effective -- unless a large portion of allocated memory is disclosed.