首页> 外文会议>Applied cryptography and network security. >Tre Visor OS-Independent Software-Based Full Disk Encryption Secure against Main Memory Attacks
【24h】

Tre Visor OS-Independent Software-Based Full Disk Encryption Secure against Main Memory Attacks

机译:基于Tre Visor的独立于操作系统的基于软件的全磁盘加密可防止主内存攻击

获取原文
获取原文并翻译 | 示例

摘要

Software-based disk encryption techniques store necessary keys in main memory and are therefore vulnerable to DMA and cold boot attacks which can acquire keys from RAM. Recent research results have shown operating system dependent ways to overcome these attacks. For example, the TRESOR project patches Linux to store AES keys solely on the microprocessor. We present Tre Visor, the first software-based and OS-independent solution for full disk encryption that is resistant to main memory attacks. It builds upon Bit Visor, a thin virtual machine monitor which implements various security features. Roughly speaking, TreVisor adds the encryption facilities of TRESOR to BitVisor. i.e., we move TRESOR one layer below the operating system into the hypervisor such that secure disk encryption runs transparently for the guest OS. We have tested its compatibility with both Linux and Windows and show positive security and performance results.
机译:基于软件的磁盘加密技术将必要的密钥存储在主存储器中,因此容易受到DMA和冷启动攻击的攻击,这些攻击可以从RAM获取密钥。最近的研究结果显示了依赖于操作系统的方式来克服这些攻击。例如,TRESOR项目对Linux进行了修补,以仅将AES密钥存储在微处理器上。我们介绍Tre Tresor,这是第一个基于软件且独立于操作系统的全磁盘加密解决方案,可抵抗主内存攻击。它建立在Bit Visor上,Bit Visor是一种瘦虚拟机监视器,可实现各种安全功能。粗略地说,TreVisor将TRESOR的加密功能添加到BitVisor。也就是说,我们将TRESOR在操作系统下一层移到虚拟机管理程序中,以便对来宾OS透明地运行安全磁盘加密。我们已经测试了它与Linux和Windows的兼容性,并显示出积极的安全性和性能结果。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号