Can keys be hidden inside the CPU on modern windows host

Amit Resh, Nezer Zaidenberg

نتاج البحث: فصل من :كتاب / تقرير / مؤتمرمنشور من مؤتمرمراجعة النظراء

ملخص

The "Truly-Protect" trusted computing environment by Averbuch et al (2011) relies on encryption keys being hidden from external software and crackers. "Truly-Protect" saves the keys in internal registers inside the CPU. Such external keys should not be accessible by any software that runs on the machine prior to "Truly-Protect" validation or even after "Truly-Protect" validation. The assumption is that the hackers cannot reverse engineer the CPU and discover the content of these registers. But is it really possible to hide keys in such places? Internal CPU memory is indeed not available for user processes. However, the CPU memory and registers are accessible from the running operating system kernel. Truly protect uses a validation protocol that also verifies the Operating system kernel does not include malicious additions. These tests should ensure a cracker has not modified the OS. But Modern Windows operating system support loading new kernel code segments (drivers) even during the operating system runtime. Can we prevent modifying the kernel (loading drivers) after "Truly-protect" has verified the kernel? In this work we examine modern Intel CPUs available on desktop PCs and the latest releases of Microsoft Windows (windows 7,8) for existence of good hiding places for the encryption keys.

اللغة الأصليةالإنجليزيّة
عنوان منشور المضيف12th European Conference on Information Warfare and Security 2013, ECIW 2013
ناشرAcademic Conferences Ltd
الصفحات231-235
عدد الصفحات5
رقم المعيار الدولي للكتب (المطبوع)9781627489089
حالة النشرنُشِر - 2013
منشور خارجيًانعم
الحدث12th European Conference on Information Warfare and Security 2013, ECIW 2013 - Jyvaskyla, فنلندا
المدة: ١١ يوليو ٢٠١٣١٢ يوليو ٢٠١٣

سلسلة المنشورات

الاسمEuropean Conference on Information Warfare and Security, ECCWS

!!Conference

!!Conference12th European Conference on Information Warfare and Security 2013, ECIW 2013
الدولة/الإقليمفنلندا
المدينةJyvaskyla
المدة١١/٠٧/١٣١٢/٠٧/١٣

All Science Journal Classification (ASJC) codes

  • !!Information Systems
  • !!Information Systems and Management
  • !!Safety, Risk, Reliability and Quality

بصمة

أدرس بدقة موضوعات البحث “Can keys be hidden inside the CPU on modern windows host'. فهما يشكلان معًا بصمة فريدة.

قم بذكر هذا