Protecting Data on Smartphones and Tablets from Memory Attacks


Protecting Data on Smartphones and Tablets from Memory Attacks Presenter: Luren Wang

Overview: Motivation, Threat Model, Background, Implementation, Evaluation, Conclusion, Future Work.

Motivation Smartphones and tablets are easily stolen. According to Consumer Reports, smartphone theft rose to 3.1 million in the US in 2013 [1]. Encrypting data at rest is less useful. Devices are rarely turned off. Vulnerable to an inexpensive class of memory attacks.

Using passwords, PINs, patterns, etc. is ineffective since RAM retains unencrypted data. Using a freezer, USB cable, laptop, and a tool called Frost, researchers retrieved recent emails, photos, and visited websites.

Threat Model Attacker has physical access to the device. Device is in locked state. Attacker will conduct memory attacks. Not considered: Side-channel attacks. Malware or any other software attacks. Code-injection attacks. JTAG attacks. Sophisticated physical attacks.

Memory Attacks Cold boot attacks – boot the stolen device into an attacker-controlled OS that outputs memory contents. Bus monitoring attacks – obtain sensitive data over time by attaching a bus monitoring tool. DMA attacks – an attacker could manipulate DMA with a tool to dump the entire memory. Interfaces such as PCI Express and Thunderbolt are vulnerable.

Other Solutions On Chip AES Schemes – storing AES keys in CPU registers. Cannot guard against monitoring attacks. Encrypted RAM – encrypts most RAM all the time. Terrible overhead.

Background System-on-Chip (SoC) – a chip which integrates components such as CPU, RAM, GPU, I/O. (Very simplified) iRAM – internal SRAM used for storing the runtime state of peripherals' firmware. Locked L2 Cache – Cortex-A9 ARM platforms have the PL310 cache controller, which can lock a portion of the cache from eviction. Originally used for making small computations faster and more predictable.

On-SoC Storage Two options to store secrets: iRAM and Locked L2 Cache. Although DRAM and iRAM both suffer from data remanence, ARM zeroes out iRAM upon boot up. Locked L2 cache prevents data from being evicted. iRAM can protect against DMA attacks only if TrustZone takes explicit steps to protect it.

Implementation Requirements Device locked – All sensitive memory pages in DRAM are encrypted. When page needs to be accessed, it is decrypted in-place on SoC memory. Device unlocked – Encryption is pointless. Encrypted pages are decrypted on-demand. AES_On_SoC – Secret states (encryption key) need to be protected in SoC memory.

Schematic Locked State

Unlocked State Pages are simply decrypted on demand (lazy approach). Encrypted pages are modified to generate a trap when the page is accessed, which causes Sentry to decrypt the page.
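The trap-on-access scheme from the Unlocked State slide can be reproduced in user space on Linux with mprotect and a SIGSEGV handler. This is an added example, not Sentry's code: the demo_* names, the 8-page region, the key byte and the XOR transform (a stand-in for AES_On_SoC) are all assumptions made for illustration.

```c
#define _DEFAULT_SOURCE 1            /* exposes MAP_ANONYMOUS */
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
#define NPAGES 8                     /* constructed: one app's "sensitive" pages */
static unsigned char *region;        /* stands in for DRAM */
static size_t pagesz;
static volatile sig_atomic_t encrypted[NPAGES], decrypt_count;
static const unsigned char key = 0x5A;  /* constructed stand-in for the volatile key */

/* Toy XOR transform, NOT AES: placeholder for the on-SoC cipher. */
static void xcrypt(unsigned char *p) {
    for (size_t i = 0; i < pagesz; i++) p[i] ^= (unsigned char)(key + i);
}

/* The trap: the first touch of an encrypted page lands here. */
static void on_trap(int sig, siginfo_t *si, void *uc) {
    uintptr_t a = (uintptr_t)si->si_addr, base = (uintptr_t)region;
    (void)sig; (void)uc;
    if (a < base || a >= base + NPAGES * pagesz) _exit(1);  /* a genuine crash */
    size_t n = (a - base) / pagesz;
    mprotect(region + n * pagesz, pagesz, PROT_READ | PROT_WRITE);
    if (encrypted[n]) { xcrypt(region + n * pagesz); encrypted[n] = 0; decrypt_count++; }
}

int demo_init(void) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_trap; sa.sa_flags = SA_SIGINFO;
    pagesz = (size_t)sysconf(_SC_PAGESIZE);
    region = mmap(NULL, NPAGES * pagesz, PROT_READ | PROT_WRITE,
                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return region == MAP_FAILED ? -1 : sigaction(SIGSEGV, &sa, NULL);
}

/* Device lock: encrypt every plaintext page in place, then arm the trap. */
void demo_lock(void) {
    for (size_t n = 0; n < NPAGES; n++)
        if (!encrypted[n]) { xcrypt(region + n * pagesz); encrypted[n] = 1; }
    mprotect(region, NPAGES * pagesz, PROT_NONE);
}

/* Access after unlock: nothing is decrypted in bulk, only the touched page. */
unsigned char peek(size_t page, size_t off) {
    return *(volatile unsigned char *)(region + page * pagesz + off);
}
```

Pages that are never touched after unlock stay encrypted, which is where the lazy approach saves time and energy compared with decrypting everything at unlock.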

Selective Encryption Could encrypt all user-level state and most of kernel state. However, this takes too long and too much power. Encrypting 2 GB of DRAM on a smartphone takes over a minute with four CPU cores. Solution – only secure apps and OS subsystems marked as sensitive. Users select applications for encryption in the system settings menu.

Protecting Persistent State File-system encryption is not acceptable because the crypto library leaves sensitive data in DRAM. Solution – incorporate AES_On_SoC in dm-crypt, an encryption module in Linux. Two keys – volatile key and persistent key. The volatile key is generated on every reboot with a new value and stored on the SoC. It is used to encrypt memory pages. The persistent key is used to encrypt data on disk. It is stored in a secure hardware fuse.

Evaluation The following experiments were performed on a Nexus 4, which contains a quad-core Snapdragon S4 CPU (1.5 GHz and 2 GB RAM).

Device Lock Overhead

Device Unlock Overhead

Energy Profile For a heavyweight application, Google Maps, the energy overhead of lock and unlock is an additional 2.3 joules. Assuming the user locks and unlocks the phone 150 times a day, Sentry will use an additional 2% battery life.

Limitations No published data regarding how prevalent zeroing out iRAM is. Many devices, such as the Nexus 4, lock their firmware, which prevents enabling cache-locking through TrustZone.

Conclusion Prevents memory attacks with relatively low sacrifices in performance and battery life. More on-SoC memory that is isolated from DMA controllers would simplify the design.

Quiz
Why does Sentry use on-demand decryption after unlock?
Why is iRAM more suitable for storing sensitive data than DRAM even though both suffer from data remanence?
Why is it important to implement an on-SoC version of AES?

Citations [1] "Smart Phone Thefts Rose to 3.1 Million in 2013." Consumer Reports. N.p., n.d. Web. 08 Sept. 2015.