• DocumentCode
    2128867
  • Title

    ARMORED: CPU-Bound Encryption for Android-Driven ARM Devices

  • Author

    Gotzfried, Johannes ; Muller, Tim

  • Author_Institution
    Friedrich-Alexander-Univ., Erlangen-Nurnberg, Germany
  • fYear
    2013
  • fDate
    2-6 Sept. 2013
  • Firstpage
    161
  • Lastpage
    168
  • Abstract
    As recently shown by attacks against Android-driven smart phones, ARM devices are vulnerable to cold boot attacks. At the end of 2012, the data recovery tool FROST was released which exploits the remanence effect of RAM to recover user data from a smart phone, at worst its disk encryption key. Disk encryption is supported in Android since version 4.0 and is today available on many smart phones. With ARMORED, we demonstrate that Android's disk encryption feature can be improved to withstand cold boot attacks by performing AES entirely without RAM. ARMORED stores necessary keys and intermediate values of AES inside registers of the ARM microprocessor architecture without involving main memory. As a consequence, cold boot attacks on encryption keys in RAM appear to be futile. We developed our implementation on a Panda Board and tested it successfully on real phones. We also present a security and a performance analysis for ARMORED.
  • Keywords
    cryptography; microprocessor chips; operating systems (computers); smart phones; ARM microprocessor architecture; ARMORED; Android-driven ARM devices; Android-driven smartphones; CPU-bound encryption; FROST; PandaBoard; RAM; cold boot attacks; data recovery tool; disk encryption key; remanence effect; Encryption; Kernel; Linux; Random access memory; Registers; Smart phones; AES; ARM; Android; CPU-bound encryption; Cold boot;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
  • Conference_Location
    Regensburg
  • Type

    conf

  • DOI
    10.1109/ARES.2013.23
  • Filename
    6657237