TRESOR Runs Encryption Securely Outside RAM

Authors: 

Tilo Müller and Felix C. Freiling, University of Erlangen; Andreas Dewald, University of Mannheim

Abstract: 

Current disk encryption techniques store necessary keys in RAM and are therefore susceptible to attacks that target volatile memory, such as Firewire and cold boot attacks. We present TRESOR, a Linux kernel patch that implements the AES encryption algorithm and its key management solely on the microprocessor. Instead of using RAM, TRESOR ensures that all encryption states as well as the secret key and any part of it are only stored in processor registers throughout the operational time of the system, thereby substantially increasing its security. Our solution takes advantage of Intel’s new AES-NI instruction set and exploits the x86 debug registers in a non-standard way, namely as cryptographic key storage. TRESOR is compatible with all modern Linux distributions, and its performance is on a par with that of standard AES implementations.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {266517,
author = {Tilo M{\"u}ller and Felix C. Freiling and Andreas Dewald},
title = {{TRESOR} Runs Encryption Securely Outside {RAM}},
booktitle = {20th USENIX Security Symposium (USENIX Security 11)},
year = {2011},
address = {San Francisco, CA},
url = {https://www.usenix.org/conference/usenix-security-11/tresor-runs-encryption-securely-outside-ram},
publisher = {USENIX Association},
month = aug
}
Download

Presentation Video

Presentation Audio

Links

Paper: 
http://www.usenix.org/events/sec11/tech/full_papers/Muller.pdf
Slides: 
http://www.usenix.org/events/sec11/tech/slides/muller.pdf