Visible to the public Copker: A Cryptographic Engine Against Cold-Boot Attacks

TitleCopker: A Cryptographic Engine Against Cold-Boot Attacks
Publication TypeJournal Article
Year of Publication2018
AuthorsGuan, L., Lin, J., Ma, Z., Luo, B., Xia, L., Jing, J.
JournalIEEE Transactions on Dependable and Secure Computing
KeywordsCache-as-RAM, Cathode ray tubes, cold-boot attack, cold-boot attacks, compositionality, Computers, Copker stores kilobytes, CPU registers, cryptographic engine, cryptographic keys, cryptographic services, cryptography, cyber physical systems, deterministic random bit generator, deterministic random bit generators, disk encryption, ECDSA signing, Internet of Things, Kernel, key-encryption key, Magnetic Remanence, memory data, multiple private keys, on-chip CPU caches, PGP Email clients, plain-text sensitive data, popular asymmetric cryptosystems, private key, private key cryptography, pubcrawl, public-key cryptography implementation, RAM chips, Random access memory, random number generation, Registers, Resiliency, RSA, sensitive information, suspend mode
AbstractCryptosystems are essential for computer and communication security, e.g., RSA or ECDSA in PGP Email clients and AES in full disk encryption. In practice, the cryptographic keys are loaded and stored in RAM as plain-text, and therefore vulnerable to cold-boot attacks exploiting the remanence effect of RAM chips to directly read memory data. To tackle this problem, we propose Copker, a cryptographic engine that implements asymmetric cryptosystems entirely within the CPU, without storing any plain-text sensitive data in RAM. Copker supports the popular asymmetric cryptosystems (i.e., RSA and ECDSA), and deterministic random bit generators (DRBGs) used in ECDSA signing. In its active mode, Copker stores kilobytes of sensitive data, including the private key, the DRBG seed and intermediate states, only in on-chip CPU caches (and registers). Decryption/signing operations are performed without storing any sensitive information in RAM. In the suspend mode, Copker stores symmetrically-encrypted private keys and DRBG seeds in memory, while employs existing solutions to keep the key-encryption key securely in CPU registers. Hence, Copker releases the system resources in the suspend mode. We implement Copker with the support of multiple private keys. With security analyses and intensive experiments, we demonstrate that Copker provides cryptographic services that are secure against cold-boot attacks and introduce reasonable overhead.
Citation Keyguan_copker_2018