Fault attacks on encrypted general purpose compute platforms

Robert Buhren, Shay Gueron, Jan Nordholz, Jean Pierre Seifert, Julian Vetter

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Adversaries with physical access to a target platform can perform cold boot or DMA attacks to extract sensitive data from the RAM. To prevent such attacks, hardware vendors announced respective processor extensions. AMD's extension SME will provide means to encrypt the RAM to protect security-relevant assets that reside there. The encryption will protect the user's content against passive eavesdropping. However, the level of protection it provides in scenarios that involve an adversary who cannot only read from RAM but also change content in RAM is less clear. This paper addresses the open research question whether encryption alone is a dependable protection mechanism in practice when considering an active adversary. To this end, we first build a software based memory encryption solution on a desktop system which mimics AMD's SME. Subsequently, we demonstrate a proof-of-concept fault attack on this system, by which we are able to extract the private RSA key of a GnuPG user. Our work suggests that transparent memory encryption is not enough to prevent active attacks.

Original languageEnglish
Title of host publicationCODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy
PublisherAssociation for Computing Machinery, Inc
Pages197-204
Number of pages8
ISBN (Electronic)9781450345231
DOIs
StatePublished - 22 Mar 2017
Event7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017 - Scottsdale, United States
Duration: 22 Mar 201724 Mar 2017

Publication series

NameCODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy

Conference

Conference7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017
Country/TerritoryUnited States
CityScottsdale
Period22/03/1724/03/17

Bibliographical note

Publisher Copyright:
© 2017 ACM.

Keywords

  • Fault injection
  • Main memory encryption

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Software

Fingerprint

Dive into the research topics of 'Fault attacks on encrypted general purpose compute platforms'. Together they form a unique fingerprint.

Cite this