Abstract
Cryptographic algorithm implementations are vulnerable to Cold Boot attacks, which exploit the persistence of RAM cells across reboots or power-down cycles to read the memory contents and recover sensitive data. The principal defense against Cold Boot attacks is memory encryption. In this work we propose MemShield, a memory encryption framework for user space applications that uses a GPU to safely store the master key and perform the encryption/decryption operations. We developed a prototype that is completely transparent to existing applications and does not require changes to the OS kernel. We discuss the design, related work, implementation, security analysis, and performance of MemShield.
Acknowledgments
We gratefully thank Emiliano Betti for his valuable suggestions, support, and encouragement. The material presented in this paper is based upon work partially supported by Epigenesys s.r.l. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the authors and do not necessarily reflect the view of Epigenesys s.r.l.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Santucci, P., Ingrassia, E., Picierro, G., Cesati, M. (2020). MemShield: GPU-Assisted Software Memory Encryption. In: Conti, M., Zhou, J., Casalicchio, E., Spognardi, A. (eds) Applied Cryptography and Network Security. ACNS 2020. Lecture Notes in Computer Science, vol 12147. Springer, Cham. https://doi.org/10.1007/978-3-030-57878-7_16
DOI: https://doi.org/10.1007/978-3-030-57878-7_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-57877-0
Online ISBN: 978-3-030-57878-7
eBook Packages: Computer Science, Computer Science (R0)