Copker: A Cryptographic Engine Against Cold-Boot Attacks

Guan, Le; Lin, Jingqiang; Ma, Zhanshan; Luo, Bo; Xia, Luning; Jing, Jiwu

doi:10.1109/tdsc.2016.2631548

Cited by 14 publications

(7 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It provided a secure and isolated execution environment between guest TEEs. For physical attacks, Guan et al proposed Copker [23], an encryption engine implemented inside the CPU, and they proved that it provides a secure service against cold boot attacks. In [24], the authors proposed Loop-Amnesia, a disk encryption technology that eliminated cold boot attacks.…”

Section: Software Enhancementsmentioning

confidence: 99%

SoftME: A Software-Based Memory Protection Approach for TEE System to Resist Physical Attacks

Zhang

Zhao

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

The development of the Internet of Things has made embedded devices widely used. Embedded devices are often used to process sensitive data, making them the target of attackers. ARM TrustZone technology is used to protect embedded device data from compromised operating systems and applications. But as the value of the data stored in embedded devices increases, more and more effective physical attacks have emerged. However, TrustZone cannot resist physical attacks. We propose SoftME, an approach that utilizes the on-chip memory space to provide a trusted execution environment for sensitive applications. We protect the confidentiality and integrity of the data stored on the off-chip memory. In addition, we design task scheduling in the encryption process. We implement a prototype system of our approach on the development board supporting TrustZone and evaluate the overhead of our approach. The experimental results show that our approach improves the security of the system, and there is no significant increase in system overhead.

show abstract

Section: Software Enhancementsmentioning

confidence: 99%

SoftME: A Software-Based Memory Protection Approach for TEE System to Resist Physical Attacks

Zhang

Zhao

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Let us illustrate it with the example discussed in Introduction section. Say, the input is the DOI 10.1109/TDSC.2016.2631548 identifying the paper titled "Copker: a cryptographic engine against cold-boot attacks" (Guan et al 2018). The output is a ranked list showing the surrogates and the links where the OA copies are available:…”

Section: Input and Outputmentioning

confidence: 99%

“…Example 1 (Conference paper as a proxy for a journal paper) The paper titled "Copker -Computing with Private Keys without RAM" published in the Proceedings of Network and Distributed System Security Symposium (NDSS), 2014 (Guan et al 2014) is freely available on the web. 13 The authors later extended it into a paper titled "Copker -A Cryptographic Engine Against Cold-Boot Attacks" published in IEEE Transactions on Dependable and Secure Computing in 2018 (Guan et al 2018). The journal version currently does not have a free copy on the web.…”

Section: Introductionmentioning

confidence: 99%

Enhancing access to scholarly publications with surrogate resources

et al. 2019

View full text Add to dashboard Cite

Digital libraries containing scholarly publications are common today. They are an invaluable source of information to students, researchers, and practitioners. However, many digital libraries expose only the article metadata like title, author names, publication date, and the abstract for free; access to full-text requires access toll. Given that journal subscription charges are sometimes prohibitive, many important publications remain beyond the access of researchers, especially in developing countries. While open access publication solves this issue, the hard reality is that many research papers are not currently available for free reading or download. In this paper, we present a novel approach to alleviate this problem. We present a technique to retrieve open access surrogates of a scholarly article when the latter is unavailable freely in a digital library. Surrogates are articles semantically close to the original articles, written by the same author(s) and give valuable insights into the paper being searched for; they address the same or a very similar problem using the same or very similar techniques. Our focus on approximate matches of scholarly articles distinguishes our application from many academic search engines. We run it on a large corpus of computer science papers and compare the results with human judgment. Experimental results show that our tool can indeed identify relevant OA surrogates of access-restricted papers.

show abstract

“…Additional recent work related to bootloader attacks include the works of Guan et al 11 and Redini et al, 12 whereas attacks on FDE systems are discussed in other works. [13][14][15] Both bootloader and FDE attacks in the context of IoT security are considered in the work of Johnston et al 16 Redini et al 12 have developed a taint analysis system, BootStomp, which is designed to find potential security flaws in bootloaders.…”

Section: Bootloader Attacks and Prior Workmentioning

confidence: 99%

“…Guan et al present a cryptographic engine, Copker, which they have developed. Copker performs cryptographic operations within the CPU so that no “plaintext‐sensitive” data is stored in RAM.…”

Section: Introductionmentioning

confidence: 99%

BootBandit: A macOS bootloader attack

Boursalian

Stamp

2019

Engineering Reports

View full text Add to dashboard Cite

Historically, the boot phase on personal computers left systems in a relatively vulnerable state. Because traditional antivirus software runs within the operating system, the boot environment is difficult to protect from malware. Examples of attacks against bootloaders include so‐called “evil maid” attacks, in which an intruder physically obtains a boot disk to install malicious software for obtaining the password used to encrypt a disk. The password then must be stored and retrieved again through physical access. In this paper, we discuss an attack that borrows concepts from the evil maid. We assume exploitation can be used to infect a bootloader on a system running macOS remotely to install code to steal the user's password. We explore the ability to create a communication channel between the bootloader and the operating system to remotely steal the password for a disk protected by FileVault 2. On a macOS system, this attack has additional implications due to “password forwarding” technology, in which a user's account password also serves as the FileVault password, enabling an additional attack surface through privilege escalation.

show abstract

Copker: A Cryptographic Engine Against Cold-Boot Attacks

Cited by 14 publications

References 24 publications

SoftME: A Software-Based Memory Protection Approach for TEE System to Resist Physical Attacks

SoftME: A Software-Based Memory Protection Approach for TEE System to Resist Physical Attacks

Enhancing access to scholarly publications with surrogate resources

BootBandit: A macOS bootloader attack

Contact Info

Product

Resources

About