Browse Prior Art Database

Selective memory encryption

IP.com Disclosure Number: IPCOM000244183D
Publication Date: 2015-Nov-20
Document File: 5 page(s) / 166K

Publishing Venue

The IP.com Prior Art Database

Abstract

The objective of this paper is to illustrate a method to protect a computer system against cold boot attacks. This kind of attacks can be described as extracting the memory chips of a running computer system and reading their memory information before it gets lost due to the loss of power. A state of the art to protect against these attacks consist of keeping the memory content encrypted all the time. This has the disadvantage of the performance overhead that this encryption adds to the computer system. Typically not all the memory content is security relevant: most of the data stored in memory is not critical, such as public available program binaries. This paper illustrates how only the relevant memory areas can be protected. This results on a keeping the protection against cold boot attacks while minimizing the overhead.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 54% of the total text.

Page 01 of 5

Selective memory encryption

Summary of the Method

• Only encrypt security relevant memory areas of a program • Complete program is considered sensitive
• Only some data areas of program are considered sensitive


• OS manages and controls size/number of encrypted memory areas

Highlevel Flow


• Prerequisite infrastructure of increment based encrypted memory (encryption unit & tables in firmware for keys)

• Application allocates secure memory via new flag in malloc instruction
• Supported by Operating System (OS) kernel & hardware/firmware

• Firmware assigns key for the secure increment • Only specific increments are encrypted as required by application/OS
• OS returns address space in secure increment to application

1


Page 02 of 5

Overview

stack

stack

...

enc heap

...

...

MyApp1

heap

data

code

heap

Crypto4

data

code

inc1

inc2

3

malloc_en

crypted()

inc3

App lication

enc

M yApp1

0

OS

Crypr o4

M yApp7

1

 Enc cache

inc4

0

Enc u nit

1

request encrypted increment

2

clear increment

Inc

Enable

key

Non- enc cache

Firmware

1

0

-

2

0

-

PU

3

1

12 345

Initial Setup

1. Create a table in a Hardware Storage Area (HSA) or hardware/firmware controlled storage during Initial Machine Load (IML)/ system boot to store the following info for each memory increment:

Is increment encrypted?

If so, the encryption key
Otherwise NULL

• Increment index (optional)

• Useful if the table only contains info for encrypted increments slower but uses less

   memory • Otherwise an offset based on the increment number is used
2. Activate Logical PARtition (LPAR)/Virtual Machine (VM)

     • Hypervisor sets all memory increments for LPAR/VM as non-encrypted
3. Start OS

2


Page 03 of 5

Load Application

St art

Application has encryption flag?

No

Load application in regular memory

Yes

Process description in next ch apter.

Is sufficien t encrypted memory available?

No

Create encryp ted memo ry increment

Yes

Load app lication in the encr ypted memory

End

Create Encrypted Memory Increment

• OS identifies a non-used, non-encrypted increment • OS requests firmware to set increment to be encrypted • Firmware generates key for increment • Firmware stores key in encryption table • Firmware sets "encrypted" flag for increment in table
• OS flags increment as available encrypted memory

Execute Application

Variant: malloc_encrypted

Variant: malloc


• Application informs OS about memory range used for encrypted heap

• Application calls malloc_encrypted
• Memory is allocated in encrypted

        heap
• Application reads/writes to memory allocated with malloc_encrypted


• If this is the first access, memory is

• Application calls malloc
• Memory is allocated in heap


• Application reads/writes to memory allocated with malloc


• If this is the first access, memory is not mapped yet to physical

3


Page 04 of 5

not mapped yet to physical memory application check (s390x), address violation (Intel)


• OS finds that used address is in encrypted heap area


•...