https://www.sec.in.tum.de/i20/publications/fridgelock-preventing-data-theft-on-suspended-linux-with-usable-memory-encryption

Chair of IT Security, TUM School of Computation, Information and Technology, Technical University of Munich

FridgeLock: Preventing Data Theft on Suspended Linux with Usable Memory Encryption

To secure mobile devices, such as laptops and smartphones, against unauthorized physical data access, employing Full Disk Encryption (FDE) is a popular defense. This technique is effective if the device is always shut down when unattended. However, devices are often suspended instead of switched off. This leaves confidential data such as the FDE key, passphrases and user data in RAM which may be read out using cold boot, JTAG or DMA attacks. These attacks can be mitigated by encrypting the main memory during suspend. While this approach seems promising, it is not implemented on Windows or Linux. We present FridgeLock to add memory encryption on suspend to Linux. Our implementation as a Linux Kernel Module (LKM) does not require an admin to recompile the kernel. Using Dynamic Kernel Module Support (DKMS) allows for easy and fast deployment on existing Linux systems, where the distribution provides a prepackaged kernel and kernel updates. We tested our module on a range of 4.19 to 5.3 kernels and experienced a low performance impact, sustaining the system's usability. We hope that our tool leads to a more detailed evaluation of memory encryption in real world usage scenarios.

Authors: Fabian Franzen, Manuel Andreas, and Manuel Huber
Year/month: 2020/3
Booktitle: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy
Fulltext: fridgelock.pdf

Bibtex:

@inproceedings {
  author = { Fabian Franzen and Manuel Andreas and Manuel Huber},
  title = { FridgeLock: Preventing Data Theft on Suspended Linux with Usable Memory Encryption },
  year = { 2020 },
  month = { March },
  booktitle = { Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy },
  url = {https://www.sec.in.tum.de/i20/publications/fridgelock-preventing-data-theft-on-suspended-linux-with-usable-memory-encryption/@@download/file/fridgelock.pdf}
}