Protecting Sensitive Information in the Volatile Memory from Disclosure Attacks

Malliaros, Stefanos; Ntantogian, Christoforos; Xenakis, Christos

doi:10.1109/ares.2016.75

Cited by 7 publications

(3 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…FighterPOS [75] and GlitchPOS [48]) are two notorious examples of this type of malware. On the other hand, credentials dumping malware is the PC version of PoS malware, with web browsers presenting common targets [43]. Actually, the target range is much wider, with any process that retains passwords, hashes or credentials of any form, e.g., session tickets, in memory presenting a potential target [51,54].…”

Section: Information-stealing Malwarementioning

confidence: 99%

RV-TEE: secure cryptographic protocol execution based on runtime verification

Vella

Colombo

Abela

et al. 2021

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Analytical security of cryptographic protocols does not immediately translate to operational security due to incorrect implementation and attacks targeting the execution environment. Code verification and hardware-based trusted execution solutions exist, however these leave it up to the implementer to assemble the complete solution, imposing a complete re-think of the hardware platforms and software development process. We rather aim for a comprehensive solution for secure cryptographic protocol execution, which takes the form of a trusted execution environment based on runtime verification and stock hardware security modules. RV-TEE can be deployed on existing platforms and protocol implementations. Runtime verification lends itself well at several conceptual levels of the execution environment, ranging from high level protocol properties, to lower level checks such as taint inference. The proposed architectural setup involving two runtime verification modules is instantiated through a case study using a popular web browser. We successfully monitor high and low level properties with promising results with respect to practicality.

show abstract

Section: Information-stealing Malwarementioning

confidence: 99%

RV-TEE: secure cryptographic protocol execution based on runtime verification

Vella

Colombo

Abela

et al. 2021

J Comput Virol Hack Tech

View full text Add to dashboard Cite

show abstract

“…Design efforts therefore focus on two distinct areas: (1) how to deliver high performance while minimizing energy consumption and (2) how to provide both cryptographic-quality "roots of trust" in silicon and resistance to physical side-channel attacks with minimal area overhead [1][2]. Among the main elements of a CPS, on-chip memories, and in particular SRAMs, are probably the most critical in terms of performance and vulnerabilities to attacks because they might contain sensitive data (such as secret keys) [3]. In this context, the detection of malicious tampering events (mechanical, electrical or optical) is then the first bulwark of the defense strategy aimed at effectively securing SRAMs, while maintaining high performance in nominal operating conditions [4].…”

Section: Introductionmentioning

confidence: 99%

A Near-Instantaneous and Non-Invasive Erasure Design Technique to Protect Sensitive Data Stored in Secure SRAMs

Noël

Pezzin

Christmann

et al. 2021

ESSCIRC 2021 - IEEE 47th European Solid State Circuits Conference (ESSCIRC)

View full text Add to dashboard Cite

On-chip memories, and in particular SRAMs, are among the most critical components in terms of data security because they might contain sensitive data such as secret keys. Whenever a tampering event is detected, one should be able to erase efficiently and rapidly the full content of a memory holding such sensitive data, but current solutions based on simple power-off lead to very long erasure times. In this paper, we present a non-invasive design technique based on an innovative mechanism to remove electric charges from SRAM bitcells still powered on, before refreshing them with a new content not correlated with the previous one. The particularity of this novel hardware countermeasure is to be natively compatible with any SRAM circuit designed from pushed-rule foundry bitcells. We have designed and characterized an 8kB SRAM in 22nm FD-SOI process technology exploiting the proposed security strategy demonstrating an erase operation accomplished in the nanosecond time scale (versus 295µs with the conventional power-off solution) at the cost of an additional area of less than 5%. We have also shown that our solution is more efficient than a solution without prior erasure consisting in writing identical data to all memory addresses in a single clock cycle (1 ns). The use of the latter drops the ratio of zeroized addresses at 92%, while increasing the operating energy consumption by 2.1x under nominal operating conditions.

show abstract

“…If other users want to use this region, only the user can release the region's ownership before other users can re-occupy and use. realize permissions management and storage encryption for the storage region by user [3]. Only users can turn on and turn off the use of MPU.…”

Section: Introductionmentioning

confidence: 99%

Design and Implementation of Private Owner Code Region in Memory Protection Unit

Qian¹,

Jing²,

Bin³

2018

Proceedings of the 2018 International Conference on Network, Communication, Computer Engineering (NCCE 2018)

View full text Add to dashboard Cite

Embedded systems often use a number of multitasking operations and controls, these systems must have a mechanism to ensure the implementation of the current task, so that it has no effect on other tasks, that is, to prevent the system's resources and tasks are accessed illegally. There are usually two ways to achieve this goal: software and hardware protection. Software protection means alone software to protect resources of the system, and no hardware involved. However, when a multitasking operation occurs, it must be coordinated through the system and can easily affect the operation of the current task, resulting in irrational use of resources. Conversely, if the system has specialized hardware to detect and limit access to resources, there is a good guarantee of ownership of resources and the rules governing the running of the task. The chip's internal memory protection unit is very effective to achieve such a function. The article focuses on its private owner code region, the region can not only be accessed by the user, and when the region is monopolized by the user, which can also be used as a user to access other regions.

show abstract

Protecting Sensitive Information in the Volatile Memory from Disclosure Attacks

Cited by 7 publications

References 29 publications

RV-TEE: secure cryptographic protocol execution based on runtime verification

RV-TEE: secure cryptographic protocol execution based on runtime verification

A Near-Instantaneous and Non-Invasive Erasure Design Technique to Protect Sensitive Data Stored in Secure SRAMs

Design and Implementation of Private Owner Code Region in Memory Protection Unit

Contact Info

Product

Resources

About