TransCrypt: Transparent main memory encryption using a minimal ARM hypervisor

16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

Authors: Julian Horsch, Manuel Huber, and Sascha Wessel
Year/month: 2017/8
Booktitle: 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Pages: 152-161
Address: Sydney, Australia
Publisher: IEEE

Abstract

Attacks on memory, revealing secrets, for example, via DMA or cold boot, are a long known problem. In this paper, we present TransCrypt, a concept for transparent and guest-agnostic, dynamic kernel and user main memory encryption using a custom minimal hypervisor. The concept utilizes the address translation features provided by hardware-based virtualization support of modern CPUs to restrict the guest to a small working set of recently accessed physical pages. The rest of the pages, which constitute the majority of memory, remain securely encrypted. Furthermore, we present a transparent and guest-agnostic mechanism for recognizing pages to be excluded from encryption to still ensure correct system functionality, for example, for pages shared with peripheral devices. The detailed evaluation using our fully functional prototype on an ARM Cortex-A15 development board running Android shows that TransCrypt is able to effectively protect secrets in memory while keeping the performance impact small. For example, the system is able to keep the E-mail account password of a typical user in the Android mail app's memory encrypted 98.99% of the time, while still reaching 81.7% and 99.8% of native performance in different benchmarks.

Bibtex:

@inproceedings { Horsch:2017,
author = { Julian Horsch and Manuel Huber and Sascha Wessel},
title = { TransCrypt: Transparent main memory encryption using a minimal ARM hypervisor },
year = { 2017 },
month = { August },
booktitle = { 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications },
address = { Sydney, Australia },
pages = { 152-161 },
publisher = { IEEE },
url = { http://dx.doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.232 },

}