1 / 32

Presented by: Payas Gupta

brady-white
Télécharger la présentation

Presented by: Payas Gupta

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lest We Remember: Cold Boot Attacks on Encryption KeysJ. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. FeltenIn Proceedings of the 2008 USENIX Security Symposium.Awarded Best Student Paper Presented by: Payas Gupta Year II of SRG

  2. In today’s talk… • Introduction • Characterizing Remanence Effects • Imaging Residual Memory • Key Reconstruction • Identifying Keys in Memory • Attacking Encrypted Disks • Countermeasures and Limitations • Conclusions

  3. Introduction • Is it true? • Computer’s memory is erased almost immediately when it loses power. • Ordinary DRAMs typically lose their contents gradually over a period of seconds • Data will persist for minutes or even hours if the chips are kept at low temperatures

  4. Introduction • Exploit DRAM remanence effects to recover cryptographic keys held in memory • Defeated popular encryption systems including BitLocker, TrueCrypt etc. • Many other security systems are probably vulnerable. • Mac OS X leaves the user’s login password in memory, and can be recovered using Cold boot attack.

  5. Introduction • However, newer memory technologies, which use higher circuit densities, tended to decay more quickly than older ones • Could able to reconstruct keys • AES, DES, triple DES, RSA, tweak keys

  6. Characterizing Remanence Effects • DRAM cell is essentially a capacitor • Over time charge will leak and cell will lose its state • To forestall this, cell must be refreshed • Standard refresh time is order of ms

  7. Decay at different temperatures Submerged into Liquid Nitrogen (-196˚C) for 60 minutes Only 0.17% decay

  8. After 5 seconds

  9. After 30 seconds

  10. After 60 seconds

  11. After 5 minutes

  12. Imaging tools • Booting the system will overwrite some portions of memory • Bad options • Loading full OS into memory • Use tiny special-purpose programs, produce accurate dumps of memory contents to some external medium

  13. Imaging tools • PXI network boot – Intel’s Preboot Execution Environment (PXE) • Implemented 9KB standalone application that can be booted via PXE • Extracted memory images at 300 Mb/s with gigabit Ethernet cards. • USB drives • Implemented a 10KB plug-in for the SYSLINUX bootloader that can be booted from an external USB drive. • iPods 

  14. Imaging attacks • Simple reboot • Configure BIOS and boot the imaging tools • Transferring DRAM modules • Cooling a module before powering it off can slow decay sufficiently to allow it to be transferred to another machine with minimal decay.

  15. Cold Boot attack Before powering off the computer… spray an upside-down canister of multipurpose duster directly onto the memory chips, cooling them to -50˚C

  16. Cold Boot attack Data will persist for several minutes after power loss

  17. Cold Boot attack Even if we remove the DRAM from the computer

  18. Key Reconstruction • Designed algorithms which can correct errors quickly with range 5%-50% depending on the type of key. • Most Encryption programs speed up computation by storing data precomputed from the encryption keys. • This data contains much more structure than the key itself A SORT OF ECC FOR THE KEY

  19. Modeling the decay • Assumption, that all bits decay to the same ground state. • P(10) = δ0P(01) = δ1 • P of decaying to ground state approaches 1 as time goes on. • P of flipping in the opposite direction remains constant and tiny. • Observed • Bits tend to decay in predictable order • Actual order of decay appeared fairly random wrt location.

  20. RSA Key Generation • Choose two prime numbers p and q • N=pq • Φ(n) = (p-1)(q-1) • e  public key exponent • de ≡ 1(mod Φ(n)) • d  private key exponent

  21. RSA keys • RSA public key consists • Modulus N • Public key exponent e • RSA private key consists • Private exponent d • Optional values • Prime factor p and q of N • d mod(p-1) • d mod(q-1) • q-1 mod p

  22. Reconstructing RSA private keys Previous approaches • Let n=lg(N) • N can be factored in polynomial time • Coppersmith [14] • given the n/4 LSB of p • Boneh, Durfee and Frankel [9] • given the n/4 LSB of d • Blomer and May [7] • given the n/4 LSB of d mod(p-1)

  23. Reconstructing RSA private keys • Error could be distributed across all bits of the key data, so previous approaches are not directly applicable • Given, public modulus N • p’ and q’ are recovered from memory • Deduce values for the original p and q by iteratively reconstructing them from LSBs.

  24. Reconstructing RSA private keys • δ -> probability of unidirectional decay. • 1024-bit primes (2048-bit key) • δ = 4% • median reconstruction time = 4.5s • δ = 6% • median reconstruction time = 2.5min • 512-bit primes • δ = 10% • median reconstruction time = 1min

  25. Identifying RSA keys in memory • Most widely used format for RSA is as specified in PKCS • This object, packaged in DER encoding is the standard format for storage and interchange of private keys. • They search of identifying features of the DER-encoding itself. • Sequence identifier 0x30 followed a few bytes later by the DER encoding of the RSA version number and then by the DER encoding of the next field.

  26. Attacking … BitLocker • BitLocker – • operates as a filter driver • Resides between the file system and the disk driver, encrypting and decrypting individual sectors on demand. • AES encryption in CBC mode • Secret pad key and CBC encryption key

  27. BitLocker Procedure

  28. BitUnLocker • External USB hard-disk containing Linux • A custom SYSLINUX-based bootloader • FUSD filter driver that allows BitLocker volumes to be mounted under Linux. • ATTACK- Power cut, connect external USB hard disk and boot. • Dump Memory image and apply keyfind algorithm.

  29. Attacking … Loop-AES • Loop-AES – on-the-fly disk encryption package for Linux systems. • Encrypt AES in CBC mode • Each disk block is encrypted with one of 64-encryption keys. • Additional AES key to generate IVs. • keyfind program revealed 65 AES keys. • For each of the AES keys, it maintains two copies of the key schedule in memory, one normal copy and one with each bit inverted.

  30. Countermeasures and Limitations • Scrubbing Memory • Avoid storing keys in memory • Overwrite unwanted keys • Systems can also memory at boot time • Limit booting from network or removable media • Avoiding precomputation • Physical Defenses • Sensors respond to low temperatures or opening of computer’s case

  31. Countermeasures and Limitations • Encrypting in the disk Controller • Main encryption keys are stored in the disk controller rather than in DRAM

  32. Conclusions • DRAMs hold their values for surprisingly long intervals without power or refresh. • Defeat several popular disk encryption systems. • Today’s Trusted Computing technologies cannot protect keys that are already in memory • Architecture should be changed • DRAM is untrusted and avoid storing sensitive data there

More Related