TreVisor -- OS-Independent Software-Based Full Disk Encryption Secure Against Main Memory Attacks

Müller T, Taubmann B, Freiling F (2012)


Publication Language: English

Publication Type: Conference contribution, Original article

Publication year: 2012

Journal

Publisher: Springer-Verlag

Edited Volumes: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Pages Range: 66-83

Conference Proceedings Title: International Conference on Applied Cryptography and Network Security

Event location: Singapore

URI: http://www1.cs.fau.de/trevisor

DOI: 10.1007/978-3-642-31284-7_5

Abstract

Software-based disk encryption techniques store necessary keys in main memory and are therefore vulnerable to DMA and cold boot attacks, which can acquire keys from RAM. Recent research results have shown operating-system-dependent ways to overcome these attacks. For example, the TRESOR project patches Linux to store AES keys solely on the microprocessor. We present TreVisor, the first software-based and OS-independent solution for full disk encryption that is resistant to main memory attacks. It builds upon BitVisor, a thin virtual machine monitor which implements various security features. Roughly speaking, TreVisor adds the encryption facilities of TRESOR to BitVisor, i.e., we move TRESOR one layer below the operating system into the hypervisor such that secure disk encryption runs transparently for the guest OS. We have tested its compatibility with both Linux and Windows and show positive security and performance results. © 2012 Springer-Verlag.

How to cite

APA:

Müller, T., Taubmann, B., & Freiling, F. (2012). TreVisor -- OS-Independent Software-Based Full Disk Encryption Secure Against Main Memory Attacks. In International Conference on Applied Cryptography and Network Security (pp. 66-83). Singapore: Springer-Verlag.

MLA:

Müller, Tilo, Benjamin Taubmann, and Felix Freiling. "TreVisor -- OS-Independent Software-Based Full Disk Encryption Secure Against Main Memory Attacks." Proceedings of the ACNS 2012, Singapore: Springer-Verlag, 2012. 66-83.