loading
Documents

Research.Publish.Connect.

Paper

Authors: Manuel Huber ; Julian Horsch ; Junaid Ali and Sascha Wessel

Affiliation: Fraunhofer AISEC, Germany

ISBN: 978-989-758-259-2

Keyword(s): Memory Encryption, Mobile Device Security, Data Confidentiality, Operating Systems Security

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Data Protection ; Information and Systems Security ; Information Assurance ; Information Hiding ; Privacy Enhancing Technologies ; Security and Privacy in Mobile Systems

Abstract: We present Freeze & Crypt, a framework for RAM encryption. Our goal is to protect the sensitive data the processes keep in RAM against memory attacks, such as coldboot, DMA, or JTAG attacks. This goal is of special significance when it comes to protect unattended or stolen devices, such as smartphones, tablets and laptops, against physical attackers. Freeze & Crypt makes use of the kernel’s freezer, which allows freezing a group of processes by holding them firm in the so-called refrigerator. Inside, frozen processes inescapably rest at a point in kernel space where they cannot access their memory from user space. We extend the freezer to make arbitrary process groups transparently and dynamically encrypt their full memory space with a key only present during en- and decryption. When thawing a process group, each process decrypts its memory space, leaves the refrigerator and resumes normal execution. We develop a prototype and deploy it onto productively used mobile devices r unning Android containers. With this application scenario, we show how our mechanism protects the sensitive data in RAM against physical attackers when a container or device is not in active use. (More)

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.224.83.221

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Huber M., Horsch J., Ali J. and Wessel S. (2017). Freeze & Crypt: Linux Kernel Support for Main Memory Encryption.In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017) ISBN 978-989-758-259-2, pages 17-30. DOI: 10.5220/0006378400170030

@conference{secrypt17,
author={Manuel Huber and Julian Horsch and Junaid Ali and Sascha Wessel},
title={Freeze & Crypt: Linux Kernel Support for Main Memory Encryption},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)},
year={2017},
pages={17-30},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006378400170030},
isbn={978-989-758-259-2},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)
TI - Freeze & Crypt: Linux Kernel Support for Main Memory Encryption
SN - 978-989-758-259-2
AU - Huber M.
AU - Horsch J.
AU - Ali J.
AU - Wessel S.
PY - 2017
SP - 17
EP - 30
DO - 10.5220/0006378400170030

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.