AESSE: A Cold-boot Resistant Implementation of AES

Beitrag bei einer Tagung
(Originalarbeit)


Details zur Publikation

Autorinnen und Autoren: Müller T, Dewald A, Freiling F
Titel Sammelwerk: Proceedings of the 3rd European Workshop on System Security, EUROSEC'10
Jahr der Veröffentlichung: 2010
Tagungsband: Proceedings of the Third European Workshop on System Security
Seitenbereich: 42-47


Abstract

Cold boot attacks exploit the fact that memory contents fade with time and that most of them can be retrieved after a short power-down (reboot). These attacks aim at retrieving encryption keys from memory to thwart disk drive encryption. We present a method to implement disk drive encryption that is resistant to cold boot attacks. More specifically, we implemented AES and integrated it into the Linux kernel in such a way that neither the secret key nor any parts of it leave the processor. To achieve this, we used the SSE (streaming SIMD extensions) available in modern Intel processors in a non-standard way. We show that the performance penalty is acceptable and present a brief security analysis of the system. Copyright 2010 ACM.


FAU-Autorinnen und Autoren / FAU-Herausgeberinnen und Herausgeber

Dewald, Andreas Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)
Freiling, Felix Prof. Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)
Müller, Tilo Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)


Zitierweisen

APA:
Müller, T., Dewald, A., & Freiling, F. (2010). AESSE: A Cold-boot Resistant Implementation of AES. In Proceedings of the Third European Workshop on System Security (pp. 42-47). Paris.

MLA:
Müller, Tilo, Andreas Dewald, and Felix Freiling. "AESSE: A Cold-boot Resistant Implementation of AES." Proceedings of the EUROSEC 2010, Paris 2010. 42-47.

BibTeX: 

Zuletzt aktualisiert 2019-15-05 um 19:53