Title :
Protecting Cryptographic Keys on Client Platforms Using Virtualization and Raw Disk Image Access
Author :
Sanjeev, Sujit ; Lodhia, Jatin ; Srinivasan, Raghunathan ; Dasgupta, Partha
Abstract :
Software cryptosystems face the challenge of secure key management. Recent trends in breaking cryptosystems suggest that it is easier to steal the cryptographic keys from unsecure systems than to break the algorithm itself, a prominent example of such an attack is the cracking of the HD-DVD encryption. This paper presents two methods to hide cryptographic keys in an unsecure machine. The first methoduses virtualization to isolate the sections of memory that contain cryptographic keys from an untrusted guest operating system (OS). Virtualization is an effective method to provide isolation between trusted and un-trusted components of a system. This work makes the Virtual Machine Monitor (VMM)as a cryptographic service provider for guest OS. The second method provides techniques to securely retrieve and store keys in secondary storage. The information about key storage and retrieval is stored inside the application binary. On execution this section retrieves the key from secondary storage.
Keywords :
cryptography; virtualisation; HD-DVD encryption; client platforms; cryptographic keys; raw disk image access; secure key management; software cryptosystems; unsecure systems; untrusted guest operating system; virtual machine monitor; virtualization; Arrays; Encryption; Kernel; Malware; Key hiding; Lguest; Linux; Raw disk interface; Secret Hiding; Virtualization;
Conference_Titel :
Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third Inernational Conference on Social Computing (SocialCom), 2011 IEEE Third International Conference on
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4577-1931-8
DOI :
10.1109/PASSAT/SocialCom.2011.75
