Attacks on memory, revealing secrets, for example, via DMA or cold boot, are a long known problem. In this paper, we present TransCrypt, a concept for transparent and guest-agnostic, dynamic kernel and user main memory encryption using a custom minimal hypervisor. The concept utilizes the address translation features provided by hardware-based virtualization support of modern CPUs to restrict the guest to a small working set of recently accessed physical pages. The rest of the pages, which constitute the majority of memory, remain securely encrypted. Furthermore, we present a transparent and guest-agnostic mechanism for recognizing pages to be excluded from encryption to still ensure correct system functionality, for example, for pages shar...
Abstract—Unencrypted data appearing on the processor– memory bus can result in security violations, ...
Mobile Storage Devices, such as USB flash drives, offer a flexible solution for the transport and ...
Security features of modern (SoC) FPAGs permit to protect the confidentiality of hard- and software ...
We present Freeze & Crypt, a framework for main memory encryption. Our goal is to protect sensitive ...
A confidential virtual machine (CVM) uses a hardware-rooted key to encrypt customer data written to ...
Hypervisors are increasingly utilized in modern computer systems, ranging from PCs to web servers an...
In this paper, we present a framework for transparent kernel and user execution tracing from a minim...
Non-volatile memories provide energy efficiency, tolerance against power failure, and “instant-on” p...
Abstract — Memory scanning is a common technique used by malicious programs to read and modify the m...
There are several mobile password managers on the marked, where the most popular of these uses the c...
Today's computing devices keep considerable amounts of sensitive data unencrypted in RAM. When stole...
AbstractTo combat the problem of encryption key recovery from main memory using cold boot-attacks, v...
People store increasing amounts of personal data digitally, from emails to credit cards. Two prevale...
To combat the problem of encryption key recovery from main memory using cold boot-attacks, various...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
Abstract—Unencrypted data appearing on the processor– memory bus can result in security violations, ...
Mobile Storage Devices, such as USB flash drives, offer a flexible solution for the transport and ...
Security features of modern (SoC) FPAGs permit to protect the confidentiality of hard- and software ...
We present Freeze & Crypt, a framework for main memory encryption. Our goal is to protect sensitive ...
A confidential virtual machine (CVM) uses a hardware-rooted key to encrypt customer data written to ...
Hypervisors are increasingly utilized in modern computer systems, ranging from PCs to web servers an...
In this paper, we present a framework for transparent kernel and user execution tracing from a minim...
Non-volatile memories provide energy efficiency, tolerance against power failure, and “instant-on” p...
Abstract — Memory scanning is a common technique used by malicious programs to read and modify the m...
There are several mobile password managers on the marked, where the most popular of these uses the c...
Today's computing devices keep considerable amounts of sensitive data unencrypted in RAM. When stole...
AbstractTo combat the problem of encryption key recovery from main memory using cold boot-attacks, v...
People store increasing amounts of personal data digitally, from emails to credit cards. Two prevale...
To combat the problem of encryption key recovery from main memory using cold boot-attacks, various...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
Abstract—Unencrypted data appearing on the processor– memory bus can result in security violations, ...
Mobile Storage Devices, such as USB flash drives, offer a flexible solution for the transport and ...
Security features of modern (SoC) FPAGs permit to protect the confidentiality of hard- and software ...