Freeze & Crypt: Linux Kernel Support for Main Memory Encryption

Manuel Huber, Julian Horsch, Junaid Ali, Sascha Wessel

Abstract

We present Freeze & Crypt, a framework for RAM encryption. Our goal is to protect the sensitive data that processes keep in RAM against memory attacks, such as cold boot, DMA, or JTAG attacks. This goal is of special significance when it comes to protecting unattended or stolen devices, such as smartphones, tablets and laptops, against physical attackers. Freeze & Crypt makes use of the kernel's freezer, which allows freezing a group of processes by holding them firm in the so-called refrigerator. Inside, frozen processes inescapably rest at a point in kernel space where they cannot access their memory from user space. We extend the freezer so that arbitrary process groups transparently and dynamically encrypt their full memory space with a key that is only present during encryption and decryption. When a process group is thawed, each process decrypts its memory space, leaves the refrigerator and resumes normal execution. We develop a prototype and deploy it onto productively used mobile devices running Android containers. With this application scenario, we show how our mechanism protects the sensitive data in RAM against physical attackers when a container or device is not in active use.

Paper Citation


in Harvard Style

Huber M., Horsch J., Ali J. and Wessel S. (2017). Freeze & Crypt: Linux Kernel Support for Main Memory Encryption. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017), ISBN 978-989-758-259-2, pages 17-30. DOI: 10.5220/0006378400170030


in Bibtex Style

@conference{secrypt17,
author={Manuel Huber and Julian Horsch and Junaid Ali and Sascha Wessel},
title={Freeze \& Crypt: Linux Kernel Support for Main Memory Encryption},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)},
year={2017},
pages={17-30},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006378400170030},
isbn={978-989-758-259-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)
TI - Freeze & Crypt: Linux Kernel Support for Main Memory Encryption
SN - 978-989-758-259-2
AU - Huber M.
AU - Horsch J.
AU - Ali J.
AU - Wessel S.
PY - 2017
SP - 17
EP - 30
DO - 10.5220/0006378400170030