Fault attacks on encrypted general purpose compute platforms

Robert Buhren; Shay Gueron; Jan Nordholz; Jean Pierre Seifert; Julian Vetter

doi:10.1145/3029806:3029836

Fault attacks on encrypted general purpose compute platforms

Robert Buhren, Shay Gueron, Jan Nordholz, Jean Pierre Seifert, Julian Vetter

Department of Mathematics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Adversaries with physical access to a target platform can perform cold boot or DMA attacks to extract sensitive data from the RAM. To prevent such attacks, hardware vendors announced respective processor extensions. AMD's extension SME will provide means to encrypt the RAM to protect security-relevant assets that reside there. The encryption will protect the user's content against passive eavesdropping. However, the level of protection it provides in scenarios that involve an adversary who cannot only read from RAM but also change content in RAM is less clear. This paper addresses the open research question whether encryption alone is a dependable protection mechanism in practice when considering an active adversary. To this end, we first build a software based memory encryption solution on a desktop system which mimics AMD's SME. Subsequently, we demonstrate a proof-of-concept fault attack on this system, by which we are able to extract the private RSA key of a GnuPG user. Our work suggests that transparent memory encryption is not enough to prevent active attacks.

Original language	English
Title of host publication	CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy
Publisher	Association for Computing Machinery, Inc
Pages	197-204
Number of pages	8
ISBN (Electronic)	9781450345231
DOIs	https://doi.org/10.1145/3029806:3029836
State	Published - 22 Mar 2017
Event	7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017 - Scottsdale, United States Duration: 22 Mar 2017 → 24 Mar 2017

Publication series

Name	CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy

Conference

Conference	7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017
Country/Territory	United States
City	Scottsdale
Period	22/03/17 → 24/03/17

Bibliographical note

Funding Information:
The second author is supported by the PQCRYPTO project, which is partially funded by the European Commission Horizon 2020 research Programme, grant #645622, by the Blavatnik Interdisciplinary Cyber Research Center (ICRC) at the Tel Aviv University, and by the Israel SCIENCE FOUNDATION (grant No. 1018/16). The fifth author is supported by the Helmholtz Research School on Security Technologies.

Publisher Copyright:
© 2017 ACM.

Keywords

Fault injection
Main memory encryption

ASJC Scopus subject areas

Computer Science Applications
Information Systems
Software

Access to Document

10.1145/3029806:3029836

Cite this

Buhren, R., Gueron, S., Nordholz, J., Seifert, J. P., & Vetter, J. (2017). Fault attacks on encrypted general purpose compute platforms. In CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (pp. 197-204). (CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy). Association for Computing Machinery, Inc. https://doi.org/10.1145/3029806:3029836

Buhren, Robert ; Gueron, Shay ; Nordholz, Jan et al. / Fault attacks on encrypted general purpose compute platforms. CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2017. pp. 197-204 (CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy).

@inproceedings{0c3d4b06aa2647e099119005326ed4e6,

title = "Fault attacks on encrypted general purpose compute platforms",

abstract = "Adversaries with physical access to a target platform can perform cold boot or DMA attacks to extract sensitive data from the RAM. To prevent such attacks, hardware vendors announced respective processor extensions. AMD's extension SME will provide means to encrypt the RAM to protect security-relevant assets that reside there. The encryption will protect the user's content against passive eavesdropping. However, the level of protection it provides in scenarios that involve an adversary who cannot only read from RAM but also change content in RAM is less clear. This paper addresses the open research question whether encryption alone is a dependable protection mechanism in practice when considering an active adversary. To this end, we first build a software based memory encryption solution on a desktop system which mimics AMD's SME. Subsequently, we demonstrate a proof-of-concept fault attack on this system, by which we are able to extract the private RSA key of a GnuPG user. Our work suggests that transparent memory encryption is not enough to prevent active attacks.",

keywords = "Fault injection, Main memory encryption",

author = "Robert Buhren and Shay Gueron and Jan Nordholz and Seifert, {Jean Pierre} and Julian Vetter",

note = "Funding Information: The second author is supported by the PQCRYPTO project, which is partially funded by the European Commission Horizon 2020 research Programme, grant #645622, by the Blavatnik Interdisciplinary Cyber Research Center (ICRC) at the Tel Aviv University, and by the Israel SCIENCE FOUNDATION (grant No. 1018/16). The fifth author is supported by the Helmholtz Research School on Security Technologies. Publisher Copyright: {\textcopyright} 2017 ACM.; 7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017 ; Conference date: 22-03-2017 Through 24-03-2017",

year = "2017",

month = mar,

day = "22",

doi = "10.1145/3029806:3029836",

language = "English",

series = "CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy",

publisher = "Association for Computing Machinery, Inc",

pages = "197--204",

booktitle = "CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy",

}

Buhren, R, Gueron, S, Nordholz, J, Seifert, JP & Vetter, J 2017, Fault attacks on encrypted general purpose compute platforms. in CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy. CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery, Inc, pp. 197-204, 7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017, Scottsdale, United States, 22/03/17. https://doi.org/10.1145/3029806:3029836

Fault attacks on encrypted general purpose compute platforms. / Buhren, Robert; Gueron, Shay; Nordholz, Jan et al.

CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc, 2017. p. 197-204 (CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Fault attacks on encrypted general purpose compute platforms

AU - Buhren, Robert

AU - Gueron, Shay

AU - Nordholz, Jan

AU - Seifert, Jean Pierre

AU - Vetter, Julian

N1 - Funding Information: The second author is supported by the PQCRYPTO project, which is partially funded by the European Commission Horizon 2020 research Programme, grant #645622, by the Blavatnik Interdisciplinary Cyber Research Center (ICRC) at the Tel Aviv University, and by the Israel SCIENCE FOUNDATION (grant No. 1018/16). The fifth author is supported by the Helmholtz Research School on Security Technologies. Publisher Copyright: © 2017 ACM.

PY - 2017/3/22

Y1 - 2017/3/22

N2 - Adversaries with physical access to a target platform can perform cold boot or DMA attacks to extract sensitive data from the RAM. To prevent such attacks, hardware vendors announced respective processor extensions. AMD's extension SME will provide means to encrypt the RAM to protect security-relevant assets that reside there. The encryption will protect the user's content against passive eavesdropping. However, the level of protection it provides in scenarios that involve an adversary who cannot only read from RAM but also change content in RAM is less clear. This paper addresses the open research question whether encryption alone is a dependable protection mechanism in practice when considering an active adversary. To this end, we first build a software based memory encryption solution on a desktop system which mimics AMD's SME. Subsequently, we demonstrate a proof-of-concept fault attack on this system, by which we are able to extract the private RSA key of a GnuPG user. Our work suggests that transparent memory encryption is not enough to prevent active attacks.

AB - Adversaries with physical access to a target platform can perform cold boot or DMA attacks to extract sensitive data from the RAM. To prevent such attacks, hardware vendors announced respective processor extensions. AMD's extension SME will provide means to encrypt the RAM to protect security-relevant assets that reside there. The encryption will protect the user's content against passive eavesdropping. However, the level of protection it provides in scenarios that involve an adversary who cannot only read from RAM but also change content in RAM is less clear. This paper addresses the open research question whether encryption alone is a dependable protection mechanism in practice when considering an active adversary. To this end, we first build a software based memory encryption solution on a desktop system which mimics AMD's SME. Subsequently, we demonstrate a proof-of-concept fault attack on this system, by which we are able to extract the private RSA key of a GnuPG user. Our work suggests that transparent memory encryption is not enough to prevent active attacks.

KW - Fault injection

KW - Main memory encryption

UR - http://www.scopus.com/inward/record.url?scp=85018469200&partnerID=8YFLogxK

U2 - 10.1145/3029806:3029836

DO - 10.1145/3029806:3029836

M3 - Conference contribution

AN - SCOPUS:85018469200

T3 - CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy

SP - 197

EP - 204

BT - CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy

PB - Association for Computing Machinery, Inc

T2 - 7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017

Y2 - 22 March 2017 through 24 March 2017

ER -

Buhren R, Gueron S, Nordholz J, Seifert JP, Vetter J. Fault attacks on encrypted general purpose compute platforms. In CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, Inc. 2017. p. 197-204. (CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy). doi: 10.1145/3029806:3029836

Fault attacks on encrypted general purpose compute platforms

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this