Can keys be hidden inside the CPU on modern windows host

Amit Resh, Nezer Zaidenberg

פרסום מחקרי: פרק בספר / בדוח / בכנספרסום בספר כנסביקורת עמיתים

תקציר

The "Truly-Protect" trusted computing environment by Averbuch et al (2011) relies on encryption keys being hidden from external software and crackers. "Truly-Protect" saves the keys in internal registers inside the CPU. Such external keys should not be accessible by any software that runs on the machine prior to "Truly-Protect" validation or even after "Truly-Protect" validation. The assumption is that the hackers cannot reverse engineer the CPU and discover the content of these registers. But is it really possible to hide keys in such places? Internal CPU memory is indeed not available for user processes. However, the CPU memory and registers are accessible from the running operating system kernel. Truly protect uses a validation protocol that also verifies the Operating system kernel does not include malicious additions. These tests should ensure a cracker has not modified the OS. But Modern Windows operating system support loading new kernel code segments (drivers) even during the operating system runtime. Can we prevent modifying the kernel (loading drivers) after "Truly-protect" has verified the kernel? In this work we examine modern Intel CPUs available on desktop PCs and the latest releases of Microsoft Windows (windows 7,8) for existence of good hiding places for the encryption keys.

שפה מקוריתאנגלית
כותר פרסום המארח12th European Conference on Information Warfare and Security 2013, ECIW 2013
מוציא לאורAcademic Conferences Ltd
עמודים231-235
מספר עמודים5
מסת"ב (מודפס)9781627489089
סטטוס פרסוםפורסם - 2013
פורסם באופן חיצוניכן
אירוע12th European Conference on Information Warfare and Security 2013, ECIW 2013 - Jyvaskyla, פינלנד
משך הזמן: 11 יולי 201312 יולי 2013

סדרות פרסומים

שםEuropean Conference on Information Warfare and Security, ECCWS

כנס

כנס12th European Conference on Information Warfare and Security 2013, ECIW 2013
מדינה/אזורפינלנד
עירJyvaskyla
תקופה11/07/1312/07/13

ASJC Scopus subject areas

  • ???subjectarea.asjc.1700.1710???
  • ???subjectarea.asjc.1800.1802???
  • ???subjectarea.asjc.2200.2213???

טביעת אצבע

להלן מוצגים תחומי המחקר של הפרסום 'Can keys be hidden inside the CPU on modern windows host'. יחד הם יוצרים טביעת אצבע ייחודית.

פורמט ציטוט ביבליוגרפי