CryptMe: Data leakage prevention for unmodified programs on ARM devices

Chen Cao, Le Guan, Ning Zhang, Neng Gao, Jingqiang Lin, Bo Luo, Peng Liu, Ji Xiang, Wenjing Lou

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Sensitive data (e.g., passwords, health data and private videos) can be leaked due to many reasons, including (1) the misuse of legitimate operating system (OS) functions such as core dump, swap and hibernation, and (2) physical attacks to the DRAM chip such as cold-boot attacks and DMA attacks. While existing software-based memory encryption is effective in defeating physical attacks, none of them can prevent a legitimate OS function from accidentally leaking sensitive data in the memory. This paper introduces CryptMe that integrates memory encryption and ARM TrustZone-based memory access controls to protect sensitive data against both attacks. CryptMe essentially extends the Linux kernel with the ability to accommodate the execution of unmodified programs in an isolated execution domain (to defeat OS function misuse), and at the same time transparently encrypt sensitive data appeared in the DRAM chip (to defeat physical attacks). We have conducted extensive experiments on our prototype implementation. The evaluation results show the efficiency and added security of our design.

Original languageEnglish (US)
Title of host publicationResearch in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings
EditorsMichael Bailey, Sotiris Ioannidis, Manolis Stamatogiannakis, Thorsten Holz
PublisherSpringer Verlag
Pages380-400
Number of pages21
ISBN (Print)9783030004699
DOIs
StatePublished - Jan 1 2018
Event21st International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2018 - Heraklion, Greece
Duration: Sep 10 2018Sep 12 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11050 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other21st International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2018
CountryGreece
CityHeraklion
Period9/10/189/12/18

Fingerprint

Leakage
Attack
Data storage equipment
Dynamic random access storage
Operating Systems
Cryptography
Encryption
Chip
Dynamic mechanical analysis
Access control
Swap
Password
Health
Linux
Access Control
Integrate
Prototype
kernel
Software
Experiments

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Cao, C., Guan, L., Zhang, N., Gao, N., Lin, J., Luo, B., ... Lou, W. (2018). CryptMe: Data leakage prevention for unmodified programs on ARM devices. In M. Bailey, S. Ioannidis, M. Stamatogiannakis, & T. Holz (Eds.), Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings (pp. 380-400). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11050 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-00470-5_18
Cao, Chen ; Guan, Le ; Zhang, Ning ; Gao, Neng ; Lin, Jingqiang ; Luo, Bo ; Liu, Peng ; Xiang, Ji ; Lou, Wenjing. / CryptMe : Data leakage prevention for unmodified programs on ARM devices. Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings. editor / Michael Bailey ; Sotiris Ioannidis ; Manolis Stamatogiannakis ; Thorsten Holz. Springer Verlag, 2018. pp. 380-400 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{a7a67c7a199049bbab100772bbce0926,
title = "CryptMe: Data leakage prevention for unmodified programs on ARM devices",
abstract = "Sensitive data (e.g., passwords, health data and private videos) can be leaked due to many reasons, including (1) the misuse of legitimate operating system (OS) functions such as core dump, swap and hibernation, and (2) physical attacks to the DRAM chip such as cold-boot attacks and DMA attacks. While existing software-based memory encryption is effective in defeating physical attacks, none of them can prevent a legitimate OS function from accidentally leaking sensitive data in the memory. This paper introduces CryptMe that integrates memory encryption and ARM TrustZone-based memory access controls to protect sensitive data against both attacks. CryptMe essentially extends the Linux kernel with the ability to accommodate the execution of unmodified programs in an isolated execution domain (to defeat OS function misuse), and at the same time transparently encrypt sensitive data appeared in the DRAM chip (to defeat physical attacks). We have conducted extensive experiments on our prototype implementation. The evaluation results show the efficiency and added security of our design.",
author = "Chen Cao and Le Guan and Ning Zhang and Neng Gao and Jingqiang Lin and Bo Luo and Peng Liu and Ji Xiang and Wenjing Lou",
year = "2018",
month = "1",
day = "1",
doi = "10.1007/978-3-030-00470-5_18",
language = "English (US)",
isbn = "9783030004699",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "380--400",
editor = "Michael Bailey and Sotiris Ioannidis and Manolis Stamatogiannakis and Thorsten Holz",
booktitle = "Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings",
address = "Germany",

}

Cao, C, Guan, L, Zhang, N, Gao, N, Lin, J, Luo, B, Liu, P, Xiang, J & Lou, W 2018, CryptMe: Data leakage prevention for unmodified programs on ARM devices. in M Bailey, S Ioannidis, M Stamatogiannakis & T Holz (eds), Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11050 LNCS, Springer Verlag, pp. 380-400, 21st International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2018, Heraklion, Greece, 9/10/18. https://doi.org/10.1007/978-3-030-00470-5_18

CryptMe : Data leakage prevention for unmodified programs on ARM devices. / Cao, Chen; Guan, Le; Zhang, Ning; Gao, Neng; Lin, Jingqiang; Luo, Bo; Liu, Peng; Xiang, Ji; Lou, Wenjing.

Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings. ed. / Michael Bailey; Sotiris Ioannidis; Manolis Stamatogiannakis; Thorsten Holz. Springer Verlag, 2018. p. 380-400 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11050 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - CryptMe

T2 - Data leakage prevention for unmodified programs on ARM devices

AU - Cao, Chen

AU - Guan, Le

AU - Zhang, Ning

AU - Gao, Neng

AU - Lin, Jingqiang

AU - Luo, Bo

AU - Liu, Peng

AU - Xiang, Ji

AU - Lou, Wenjing

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Sensitive data (e.g., passwords, health data and private videos) can be leaked due to many reasons, including (1) the misuse of legitimate operating system (OS) functions such as core dump, swap and hibernation, and (2) physical attacks to the DRAM chip such as cold-boot attacks and DMA attacks. While existing software-based memory encryption is effective in defeating physical attacks, none of them can prevent a legitimate OS function from accidentally leaking sensitive data in the memory. This paper introduces CryptMe that integrates memory encryption and ARM TrustZone-based memory access controls to protect sensitive data against both attacks. CryptMe essentially extends the Linux kernel with the ability to accommodate the execution of unmodified programs in an isolated execution domain (to defeat OS function misuse), and at the same time transparently encrypt sensitive data appeared in the DRAM chip (to defeat physical attacks). We have conducted extensive experiments on our prototype implementation. The evaluation results show the efficiency and added security of our design.

AB - Sensitive data (e.g., passwords, health data and private videos) can be leaked due to many reasons, including (1) the misuse of legitimate operating system (OS) functions such as core dump, swap and hibernation, and (2) physical attacks to the DRAM chip such as cold-boot attacks and DMA attacks. While existing software-based memory encryption is effective in defeating physical attacks, none of them can prevent a legitimate OS function from accidentally leaking sensitive data in the memory. This paper introduces CryptMe that integrates memory encryption and ARM TrustZone-based memory access controls to protect sensitive data against both attacks. CryptMe essentially extends the Linux kernel with the ability to accommodate the execution of unmodified programs in an isolated execution domain (to defeat OS function misuse), and at the same time transparently encrypt sensitive data appeared in the DRAM chip (to defeat physical attacks). We have conducted extensive experiments on our prototype implementation. The evaluation results show the efficiency and added security of our design.

UR - http://www.scopus.com/inward/record.url?scp=85053911061&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85053911061&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-00470-5_18

DO - 10.1007/978-3-030-00470-5_18

M3 - Conference contribution

AN - SCOPUS:85053911061

SN - 9783030004699

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 380

EP - 400

BT - Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings

A2 - Bailey, Michael

A2 - Ioannidis, Sotiris

A2 - Stamatogiannakis, Manolis

A2 - Holz, Thorsten

PB - Springer Verlag

ER -

Cao C, Guan L, Zhang N, Gao N, Lin J, Luo B et al. CryptMe: Data leakage prevention for unmodified programs on ARM devices. In Bailey M, Ioannidis S, Stamatogiannakis M, Holz T, editors, Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Proceedings. Springer Verlag. 2018. p. 380-400. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-030-00470-5_18