Memory protection challenges: Attacks on memory encryption
Abstract
This paper explains some of the challenges involved in protecting the system memory of a computing platform against adversaries who can read and modify its contents. To clarify the limitations and effectiveness of different defence mechanisms, we lay out a threat model, coupled with a set of assumptions on the adversarial capabilities, for a variety of scenarios. Finally, we explain the mechanics of some attacks on encrypted memory, to illustrate why relying on encryption alone is risky in reality. The paper is addressed to individuals and organisations with a need to consider physical attacks as part of their threat scope and to companies considering solutions to isolate system administrators from customer data in virtualised environments.
The full article is available to subscribers to the journal.
Author's Biography
Rodrigo Rubira Branco is a senior principal security researcher at Intel Corporation in the Security Center of Excellence, where he leads the Client Core and BIOS Teams. He is the founder of the Dissect || PE Malware Analysis Project and held positions as Director of Vulnerability and Malware Research at Qualys and as Chief Security Research at Check Point, where he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software products. In 2011, he was honoured as one of the top vulnerability contributors of Adobe. He is also one of the organisers of the Hackers to Hackers Conference (H2HC), the oldest ongoing security research conference in Latin America. Rodrigo has been invited and accepted to speak at relevant security research events across the world such as Black Hat (USA), Hack in the Box (Malaysia and UAE), XCon (China), OLS (Canada), Defcon (USA), Hackito (France), Zero Nights (Russia), Troopers (Germany) and many others. He has published several papers in the fields of exploit writing, reverse engineering, malware analysis and rootkit development and is part of the invited review committee for a variety of security research conferences, such as Black Hat (USA), PHDays (Russia), Hackito (France), NoSuchCon (France), Opcde (UAE), CCNC (USA), Andsec (Argentina) and others.
Shay Gueron is an associate professor of mathematics at the University of Haifa, Israel. He is currently a senior principal engineer at Amazon Web Services. Previously, as an Intel senior principal engineer, he served as Intel’s senior cryptographer. His interests include cryptography, security and algorithms. He is responsible for some of Intel processors’ instructions such as AES-NI, PCLMULQDQ and the coming VPMADD52, and for various micro-architectural features that speed up cryptographic algorithms. He contributed software to open source libraries (OpenSSL, NSS), with significant performance gains for symmetric encryption, public key algorithms and hashing. He was one of the Intel Software Guard Extensions (SGX) technology architects, in charge of its cryptographic definition and implementation, and the inventor of the Memory Encryption Engine.