Abstract
An attacker who has physical access to a computing platform, and the means to read and modify the memory contents, can be a serious security threat. The ability to passively read memory compromises secrets that reside thereon, and the ability to actively modify memory can be used for circumventing the platform's policy/security mechanisms. Blocking arbitrary memory access mitigates such risks, but this is not always enforceable or desirable. Memory integrity mechanisms detect active tampering, and memory encryption protects data confidentiality. As a byproduct, encryption also diminishes the precision of active attacks, because it limits the attacker to only Blinded Random Block Corruption (BRBC) attacks. He can modify some unknown value (ciphertext) on the memory in an attempt to leverage the consequences that would occur when the CPU ends up using a randomly corrupted block of (decrypted) data. It is therefore tempting to hope that encryption-only is a practical defense against an active attacker, although it provides no theoretical promise for integrity. This paper argues that an attacker with arbitrary memory capabilities can succeed with BRBC attacks if the memory does not have integrity protection. Under such assumptions, we demonstrate a BRBC attack that gains administrator privileges on a locked system. This articulates the value of protecting memory integrity in cases that the system cannot deny arbitrary memory access from the potential attacker.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2016 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2016 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 85-90 |
Number of pages | 6 |
ISBN (Electronic) | 9781467388252 |
DOIs | |
State | Published - 20 Jun 2016 |
Event | 2016 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2016 - McLean, United States Duration: 3 May 2016 → 5 May 2016 |
Publication series
Name | Proceedings of the 2016 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2016 |
---|
Conference
Conference | 2016 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2016 |
---|---|
Country/Territory | United States |
City | McLean |
Period | 3/05/16 → 5/05/16 |
Bibliographical note
Publisher Copyright:© 2016 IEEE.
Keywords
- Software and hardware security
- memory encryption
- physical access attacks
ASJC Scopus subject areas
- Computer Networks and Communications
- Hardware and Architecture
- Safety, Risk, Reliability and Quality