TreVisor - Cryptography & Security Department
TRESOR
TRESOR Runs Encryption Securely Outside RAM
● Published at USENIX 2011
● Keys are stored in CPU registers (dr0-dr3) rather than in RAM
● All intermediate states / runtime variables are stored only in CPU registers as well
● Challenges:
  ● No use of stack and heap
  ● Scheduling, hardware interrupts, and context switches
  ● Userland access to debug registers (dr0-dr3)
  ● Swapping and Suspend-to-Disk / RAM
  ● ...
● Linux kernel patch (originally for 2.6.36); dm-crypt support
● AES-128, -192, and -256 accelerated by Intel's AES-NI
June 26 - 29, 2012 · ACNS '12 Singapore · TreVisor · Tilo Müller, Benjamin Taubmann, and Felix C. Freiling