When Encryption is not Enough: Memory Encryption is Broken

Published as Working-group on Applied Security & Privacy Technical Report UCSC-WASP-15-03.

Abstract

Computer Systems which allow the contents of userspace memory to be protected from view by the operating system often use encryption to implement this security boundary. This technical report shows how rapidly changing memory contents leak information even when an adversary can only read the contents of memory as ciphertext. We use an example to demonstrate that far from providing complete protection from seeing the contents of memory, the patterns of updates to the ciphertext yields information about its contents.

Publication date:
November 2015

Authors:
D J Capelis

Projects:
User Controlled Trusted Systems

Available media

Full paper text: PDF

Bibtex entry

@techreport{wasptr-15-03,
  author       = {D J Capelis},
  title        = {When Encryption is not Enough: Memory Encryption is Broken},
  institution  = {University of California, Santa Cruz},
  number       = {UCSC-WASP-15-03},
  month        = nov,
  year         = {2015},
}