TreVisor - Cryptography & Security Department

More documents

Recommendations

Info

Security Analysis ● We spent considerable effort to ensure that no key data enters RAM ● Methods we used to dump RAM ● cold boot attacks ● BitVisor debugging shell ● virtualization ● DMA attacks (Firewire; IOMMU switched off) ● We were not able to recover any keybits June 26 - 29, 2012 · ACNS '12 Singapore · TreVisor · Tilo Müller, Benjamin Taubmann, and Felix C. Freiling
Part V Conclusion I. Motivation: Memory Attacks on Full Disk Encryption II. Background & Design: TRESOR, TreVisor, BitVisor III. Implementation Details: The BitVisor Patch IV. Evaluation: Performance, Compatibility, Security V. Conclusion
Page 1 and 2: TreVisor OS-Independent Software-Ba
Page 3 and 4: Part I Motivation I. Motivation: Me
Page 5 and 6: Disk Encryption But current (softwa
Page 7 and 8: Attacks on Main Memory Problem: mai
Page 9 and 10: Cold Boot Attacks ● Remanence eff
Page 11 and 12: Attacks on Main Memory Basically al
Page 13 and 14: Part II Background & Design I. Moti
Page 15 and 16: TRESOR Problems ● TRESOR effectiv
Page 17 and 18: TRESOR vs. TreVisor App App TRESOR
Page 19 and 20: Tresor + BitVisor = TreVisor We use
Page 21 and 22: Registers Debug registers: SSE Regi
Page 23 and 24: Key Management ● Every CPU core s
Page 25 and 26: Availability http://www1.cs.fau.de/
Page 27 and 28: TreVisor Performance Linux (write)
Page 29 and 30: Compatibility: Hardware ● CPU req
Page 31: Security Overview Threat Model Hard
Page 35: The End Thank you for your attentio

TreVisor - Cryptography & Security Department

Create successful ePaper yourself

Delete template?

Save as template?