TRESOR - resist cold boot and other attacks on main memory

grandpaflo

Member
Jan 18, 2011
"TRESOR Runs Encryption Securely Outside RAM


TRESOR is a secure implementation of AES which is resistant against cold boot attacks and other attacks on main memory. The basic idea behind this implementation is to store the secret key inside CPU registers rather than in RAM. All computations take place only on registers, no AES state is ever going to RAM. In particular, the x86 debug registers are misused as secure key storage."

- Homepage: http://www1.informatik.uni-erlangen.de/tresor
- ReadMe: http://www1.informatik.uni-erlangen.de/tresor/readme.html
- Wikipedia: https://en.wikipedia.org/wiki/TRESOR
- USENIX paper, 2011:
http://www1.informatik.uni-erlangen.de/tresorfiles/tresor.pdf
- Slashdot:
http://linux.slashdot.org/story/11/08/26/2033226/protecting-a-laptop-from-sophisticated-attacks
- "Lest We Remember: Cold Boot Attacks on Encryption Keys"
http://citp.princeton.edu/pub/coldboot.pdf
- "Introduction to Cold Boot Attack"
http://freedom-to-tinker.com/blog/felten/new-research-result-cold-boot-attacks-disk-encryption
- Experimental guidelines from Princeton University
http://citp.princeton.edu/memory/exp/


Alternative: A similar project to TRESOR is Loop-Amnesia (AES-128 for 64-bit CPUs without AES-NI support): http://linuxrocks123.livejournal.com/93919.html