Can keys be hidden inside the CPU on modern windows host

Amit Resh, Nezer Zaidenberg

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The "Truly-Protect" trusted computing environment by Averbuch et al (2011) relies on encryption keys being hidden from external software and crackers. "Truly-Protect" saves the keys in internal registers inside the CPU. Such external keys should not be accessible by any software that runs on the machine prior to "Truly-Protect" validation or even after "Truly-Protect" validation. The assumption is that the hackers cannot reverse engineer the CPU and discover the content of these registers. But is it really possible to hide keys in such places? Internal CPU memory is indeed not available for user processes. However, the CPU memory and registers are accessible from the running operating system kernel. Truly protect uses a validation protocol that also verifies the Operating system kernel does not include malicious additions. These tests should ensure a cracker has not modified the OS. But Modern Windows operating system support loading new kernel code segments (drivers) even during the operating system runtime. Can we prevent modifying the kernel (loading drivers) after "Truly-protect" has verified the kernel? In this work we examine modern Intel CPUs available on desktop PCs and the latest releases of Microsoft Windows (windows 7,8) for existence of good hiding places for the encryption keys.

Original languageEnglish
Title of host publication12th European Conference on Information Warfare and Security 2013, ECIW 2013
PublisherAcademic Conferences Ltd
Pages231-235
Number of pages5
ISBN (Print)9781627489089
StatePublished - 2013
Externally publishedYes
Event12th European Conference on Information Warfare and Security 2013, ECIW 2013 - Jyvaskyla, Finland
Duration: 11 Jul 201312 Jul 2013

Publication series

NameEuropean Conference on Information Warfare and Security, ECCWS

Conference

Conference12th European Conference on Information Warfare and Security 2013, ECIW 2013
Country/TerritoryFinland
CityJyvaskyla
Period11/07/1312/07/13

Keywords

  • CPU architecture
  • Copy-protection
  • Virtualization

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Can keys be hidden inside the CPU on modern windows host'. Together they form a unique fingerprint.

Cite this