research-article

AESSE: a cold-boot resistant implementation of AES

Authors:

Tilo Müller,

Andreas Dewald,

Felix C. FreilingAuthors Info & Claims

EUROSEC '10: Proceedings of the Third European Workshop on System Security

Pages 42 - 47

https://doi.org/10.1145/1752046.1752053

Published: 13 April 2010 Publication History

Get Access

Abstract

Cold boot attacks exploit the fact that memory contents fade with time and that most of them can be retrieved after a short power-down (reboot). These attacks aim at retrieving encryption keys from memory to thwart disk drive encryption. We present a method to implement disk drive encryption that is resistant to cold boot attacks. More specifically, we implemented AES and integrated it into the Linux kernel in such a way that neither the secret key nor any parts of it leave the processor. To achieve this, we used the SSE (streaming SIMD extensions) available in modern Intel processors in a non-standard way. We show that the performance penalty is acceptable and present a brief security analysis of the system.

References

[1]

Bitlocker drive encryption. Internet: http://technet.microsoft.com/en-us/windows/aa905065.aspx, November 2009.

Google Scholar

[2]

Utimaco safeguard cryptoserver. Internet: http://hsm.utimaco.com/home/, February 2010.

Google Scholar

[3]

Brian Gladman. BRG Main Site. Internet: http://www.gladman.me.uk, February 2010.

Google Scholar

[4]

J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten. Lest we remember: Cold boot attacks on encryption keys. In Proceedings of the 17th USENIX Security Symposium, pages 45--60, 2008.

Digital Library

Google Scholar

[5]

Infineon Technologies. Embedded Security. Internet: http://www.infineon.com/tpm, February 2010.

Google Scholar

[6]

Intel. Advanced Encryption Standard (AES) Instruction Set. Internet: http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set/, February 2010.

Google Scholar

[7]

Intel Corporation. Intel 64 and IA-32 Architectures Software Developer's Manual Volume 2A: Instruction Set Reference A-M, December 2009.

Google Scholar

[8]

Intel Corporation. Intel 64 and IA-32 Architectures Software Developer's Manual Volume 2B: Instruction Set Reference N-Z, December 2009.

Google Scholar

[9]

Carsten Maartmann-Moe, Steffen E. Thorkildsen, and Andre Arnes. The persistence of memory: Forensic identification and extraction of cryptographic keys. Digital Investigation, 6(1):S132--S140, 2009. Finding cryptographic keys in memory.

Digital Library

Google Scholar

[10]

NIST. FIPS 197: Advanced Encryption Standard (AES). Technical report, NIST, 2001.

Google Scholar

[11]

Martin Oczko. KryptoNAS: Open Source Based NAS Encryption. In Norbert Pohlmann, Helmut Reimer, and Wolfgang Schneider, editors, ISSE 2009 Securing Electronic Business Processes. Vieweg+Teubner, 2009.

Google Scholar

[12]

Larry Ponemon. Airport Insecurity: The Case of Missing & Lost Laptops. Ponemon Institute, June 2008. http://www.dell.com/downloads/global/services/dell_lost_laptop_study.pdf.

Google Scholar

[13]

Christophe Saout. dm-crypt: a device-mapper crypto target, 2006.

Google Scholar

Cited By

View all

Yüksel İTuğrul YBostancı FOliveira GYağlıkçı AOlgun ASoysal MLuo HGómez-Luna JSadrosadati MMutlu O(2024)Simultaneous Many-Row Activation in Off-the-Shelf DRAM Chips: Experimental Characterization and Analysis2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00024(99-114)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN58291.2024.00024
Sekar GJoseph MBalasubramanian R(2024)Fault-assisted side-channel analysis of HMAC-StreebogCryptologia10.1080/01611194.2024.2328548(1-17)Online publication date: 14-Apr-2024
https://doi.org/10.1080/01611194.2024.2328548
Zha CXu ZXing JYin H(2024)Loft: An Architecture for Lifetime Management of Privacy Data in Service CooperationUbiquitous Security10.1007/978-981-97-1274-8_17(255-273)Online publication date: 13-Mar-2024
https://doi.org/10.1007/978-981-97-1274-8_17
Show More Cited By

Index Terms

AESSE: a cold-boot resistant implementation of AES

Recommendations

Defending Against Malicious USB Firmware with GoodUSB
ACSAC '15: Proceedings of the 31st Annual Computer Security Applications Conference

USB attacks are becoming more sophisticated. Rather than using USB devices solely as a delivery mechanism for host-side exploits, attackers are targeting the USB stack itself, embedding malicious code in device firmware to covertly request additional ...
Isolating Operating System Components with Intel SGX
SysTEX '16: Proceedings of the 1st Workshop on System Software for Trusted Execution

In this paper, we present a novel approach on isolating operating system components with Intel SGX. Although SGX has not been designed to work in kernel mode, we found a way of wrapping Linux kernel functionality within SGX enclaves by moving parts of ...
Green Cryptography: Cleaner Engineering through Recycling

"Green cryptography" is an implementation-centric design paradigm that advocates mature (that is, secure) and minimalist (that is, simple) implementations by recycling cryptographic primitives, components, and design strategies. To exemplify the merits ...

Comments

Information & Contributors

Information

Published In

EUROSEC '10: Proceedings of the Third European Workshop on System Security

April 2010

51 pages

ISBN:9781450300599

DOI:10.1145/1752046

Program Chairs:
Manuel Costa
Microsoft Research
,
Engin Kirda
Eurecom Institute

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 April 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

EuroSys '10

Sponsor:

SIGOPS

EuroSys '10: Fifth EuroSys Conference 2010

April 13, 2010

Paris, France

Acceptance Rates

Overall Acceptance Rate 47 of 113 submissions, 42%

Upcoming Conference

EuroSys '25

Sponsor:
sigops

Twentieth European Conference on Computer Systems

March 30 - April 3, 2025

Rotterdam , Netherlands

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

42
Total Citations
View Citations
396
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)1

Reflects downloads up to 11 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yüksel İTuğrul YBostancı FOliveira GYağlıkçı AOlgun ASoysal MLuo HGómez-Luna JSadrosadati MMutlu O(2024)Simultaneous Many-Row Activation in Off-the-Shelf DRAM Chips: Experimental Characterization and Analysis2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00024(99-114)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN58291.2024.00024
Sekar GJoseph MBalasubramanian R(2024)Fault-assisted side-channel analysis of HMAC-StreebogCryptologia10.1080/01611194.2024.2328548(1-17)Online publication date: 14-Apr-2024
https://doi.org/10.1080/01611194.2024.2328548
Zha CXu ZXing JYin H(2024)Loft: An Architecture for Lifetime Management of Privacy Data in Service CooperationUbiquitous Security10.1007/978-981-97-1274-8_17(255-273)Online publication date: 13-Mar-2024
https://doi.org/10.1007/978-981-97-1274-8_17
Fu YLin JFeng DWang WWang MWang W(2023)RegKey: A Register-based Implementation of ECC Signature Algorithms Against One-shot Memory DisclosureACM Transactions on Embedded Computing Systems10.1145/360480522:6(1-22)Online publication date: 9-Nov-2023
https://dl.acm.org/doi/10.1145/3604805
Alam SGuan LChen ZWang HXiao J(2023)CAUSEC: Cache-Based Secure Key Computation with (Mostly) Deprivileged Execution2023 IEEE 43rd International Conference on Distributed Computing Systems (ICDCS)10.1109/ICDCS57875.2023.00059(84-95)Online publication date: Jul-2023
https://doi.org/10.1109/ICDCS57875.2023.00059
Yoo TKivilinna JCho C(2023)AVX-Based Acceleration of ARIA Block Cipher AlgorithmIEEE Access10.1109/ACCESS.2023.329802611(77403-77415)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3298026
Bhade PSinha S(2021)Detection of Cache Side Channel Attacks Using Thread Level Monitoring of Hardware Performance Counters2021 IEEE 14th International Symposium on Embedded Multicore/Many-core Systems-on-Chip (MCSoC)10.1109/MCSoC51149.2021.00039(210-217)Online publication date: Dec-2021
https://doi.org/10.1109/MCSoC51149.2021.00039
Orosa LWang YSadrosadati MKim JPatel MPuddu ILuo HRazavi KGómez-Luna JHassan HMansouri-Ghiasi NGhose SMutlu OMartínez JDuato JJohn L(2021)CODICProceedings of the 48th Annual International Symposium on Computer Architecture10.1109/ISCA52012.2021.00045(484-497)Online publication date: 14-Jun-2021
https://dl.acm.org/doi/10.1109/ISCA52012.2021.00045
Santucci PIngrassia EPicierro GCesati M(2020)MemShield: GPU-Assisted Software Memory EncryptionApplied Cryptography and Network Security10.1007/978-3-030-57878-7_16(323-343)Online publication date: 29-Aug-2020
https://doi.org/10.1007/978-3-030-57878-7_16
Zhao SZhang QQin YFeng WFeng DCavallaro LKinder JWang XKatz J(2019)SecTEEProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security10.1145/3319535.3363205(1723-1740)Online publication date: 6-Nov-2019
https://dl.acm.org/doi/10.1145/3319535.3363205
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Defending Against Malicious USB Firmware with GoodUSB

Isolating Operating System Components with Intel SGX

Green Cryptography: Cleaner Engineering through Recycling

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations