抗板级物理攻击的持久存储方法研究

doi:10.19678/j.issn.1000-3428.0060881

计算机工程 ›› 2022, Vol. 48 ›› Issue (2): 132-139. doi: 10.19678/j.issn.1000-3428.0060881

抗板级物理攻击的持久存储方法研究

李闽¹, 张倩颖^1,2,3, 王国辉^1,2, 施智平^1,4, 关永^1,5

1. 首都师范大学信息工程学院, 北京 100048;
2. 高可靠嵌入式系统北京市工程研究中心, 北京 100048;
3. 中国科学院计算技术研究所计算机体系结构国家重点实验室, 北京 100190;
4. 电子系统可靠性技术北京市重点实验室, 北京 100048;
5. 北京成像理论与技术高精尖创新中心, 北京 100048

收稿日期:2021-02-18 修回日期:2021-04-27 发布日期:2021-05-24
作者简介:李闽(1993-),男,硕士研究生,主研方向为嵌入式操作系统安全;张倩颖(通信作者),副教授;王国辉,高级实验师;施智平、关永,教授、博士生导师。
基金资助:
国家自然科学基金（61802375，61602325，61876111，61877040）；北京市教委科技计划一般项目（KM201910028005）；中国科学院计算技术研究所计算机体系结构国家重点实验室开放课题（CARCH201920）；首都师范大学交叉科学研究院项目（19530012005）。

Research on Persistent Storage Method Against Board-Level Physical Attacks

LI Min¹, ZHANG Qianying^1,2,3, WANG Guohui^1,2, SHI Zhiping^1,4, GUAN Yong^1,5

1. College of Information Engineering, Capital Normal University, Beijing 100048, China;
2. Beijing Engineering Research Center of High Reliable Embedded System, Beijing 100048, China;
3. State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190, China;
4. Beijing Key Laboratory of Electronic System Reliability Technology, Beijing 100048, China;
5. Beijing Advanced Innovation Center for Imaging Theory and Technology, Beijing 100048, China

Received:2021-02-18 Revised:2021-04-27 Published:2021-05-24

摘要/Abstract

摘要： 为保护文件系统的安全性，提出一种抗板级物理攻击的持久存储方法。利用ARM TrustZone技术构建持久存储架构，实现内存保护机制和持久存储保护服务，提高文件系统的物理安全性。基于片上内存（OCM）在可信执行环境（TEE）中的内核层建立内存保护机制，保证TEE的可信应用能够抵抗板级物理攻击。基于TEE的内存保护机制实现保护文件系统中敏感数据的持久存储保护服务，确保文件系统的机密性和完整性。在物理开发板上实现持久存储架构的原型系统，使用基准测试工具对原型系统进行性能评估，并分析性能损耗的原因。测试结果表明，内存保护机制在保护TEE系统物理安全性时引入的时间开销会随着OCM的增大而减小，持久存储保护服务在保护数据量较小的敏感数据时产生的时间开销在用户可接受范围内。

关键词: ARM TrustZone技术, 可信执行环境, 板级物理攻击, 片上内存, 持久存储保护

Abstract: In order to protect the security of the file system, this paper presents a persistent storage method against board-level physical attacks.Utilizing the ARM TrustZone technology, we build a persistent storage architecture that provides a memory protection mechanism and a persistent storage protection service and improves the physical security of the file system.Based on On-Chip Memory(OCM), a memory protection mechanism is built at the kernel level of the Trusted Execution Environment(TEE), and it ensures that trusted applications of TEE can resist board-level physical attacks.Based on the above memory protection mechanism of TEE, a persistent storage protection service is realized for protecting sensitive data in file systems, which can provide confidentiality and integrity protection to the file system.Finally, we implement a prototype system on a physical development board, use benchmark test tools to evaluate its performance, and analyze the cause for its overhead.The test results show that the overhead introduced by the memory protection mechanism in protecting the physical security of the TEE system decreases with the increase of the OCM, and the overhead of the persistent storage protection service when protecting a small amount of sensitive data is within the acceptable range of users.

Key words: ARM TrustZone technology, Trusted Execution Environment(TEE), board-level physical attack, On-Chip Memory(OCM), persistent storage protection

中图分类号:

TP316

李闽, 张倩颖, 王国辉, 施智平, 关永. 抗板级物理攻击的持久存储方法研究[J]. 计算机工程, 2022, 48(2): 132-139.

LI Min, ZHANG Qianying, WANG Guohui, SHI Zhiping, GUAN Yong. Research on Persistent Storage Method Against Board-Level Physical Attacks[J]. Computer Engineering, 2022, 48(2): 132-139.

http://www.ecice06.com/CN/Y2022/V48/I2/132

图/表 8

20220301123234

20220301123238

20220301123241

20220301123246

20220301123250

20220301123254

20220301123258

20220301123302

参考文献

[1] ARM Ltd.Security technology-building a secure system using TrustZone technology[EB/OL].[2021-01-04].https://developer.arm.com/documentation/PRD29-GENC-009492/c.
[2] HUANG A.Keeping secrets in hardware:the Microsoft Xbox^TM case study[C]//Proceedings of International Workshop on Cryptographic Hardware and Embedded Systems.Berlin, Germany:Springer, 2002:213-227.
[3] HOTZ G.PS3 glitch hack[EB/OL].[2021-01-04].https://rdist.root.org/2010/01/27/how-the-ps3-hypervisor-was-hacked/.
[4] SOLUTIONS E.Analysis tools for DDR1, DDR2, DDR3, embedded DDR and fully buffered DIMM modules[EB/OL].[2021-01-04].http://www.epnsolutions.net/ddr.html.
[5] MÜLLER T, SPREITZENBARTH M.Frost:forensic recovery of scrambled telephones[C]//Proceedings of International Conference on Applied Cryptography and Network Security.Berlin, Germany:Springer, 2014:373-388.
[6] FS2334 DDR2800 MT/s DIMM analysis probe-FuturePlus systems[EB/OL].[2021-01-04].https://www.yumpu.com/en/document/read/41592980/fs2334-ddr2-800-mt-s-dimm-analysis-probe-futureplus-systems.
[7] NCC Group.TPM genie tool[EB/OL].[2021-01-04].https://github.com/nccgroup/TPMGenie.
[8] HALDERMAN J A, SCHOEN S D, HENINGER N, et al.Lest we remember[J].Communications of the ACM, 2009, 52(5):91-98.
[9] Gitee.Optee_test[EB/OL].[2021-02-05].https://gitee.com/iamwjia/optee_test.
[10] 杨阳, 关志, 陈钟.冷启动攻击研究综述[J].计算机应用研究, 2015, 32(10):2886-2890. YANG Y, GUAN Z, CHEN Z.Survey of cold boot attack[J].Application Research of Computers, 2015, 32(10):2886-2890.(in Chinese)
[11] NEUGSCHWANDTNER M, BEITLER A, KURMUS A.A transparent defense against USB eavesdropping attacks[C]//Proceedings of the 9th European Workshop on System Security.New York, USA:ACM Press, 2016:1-6.
[12] MÜLLER T, DEWALD A, FREILING F C.AESSE:a cold-boot resistant implementation of AES[C]//Proceedings of the 3rd European Workshop on System Security.New York, USA:ACM Press, 2010:42-47.
[13] MÜLLER T, FREILING F C, DEWALD A.TRESOR runs encryption securely outside RAM[C]//Proceedings of the 20th USENIX Security Symposium.New York, USA:ACM Press, 2011:1-17.
[14] SIMMONS P.Security through amnesia:a software-based solution to the cold boot attack on disk encryption[C]//Proceedings of the 27th Annual Computer Security Applications Conference.New York, USA:ACM Press, 2011:73-82.
[15] GARMANY B, MÜLLER T.PRIME:private RSA infrastructure for memory-less encryption[C]//Proceedings of the 29th Annual Computer Security Applications Conference.New York, USA:ACM Press, 2013:149-158.
[16] VASILIADIS G, ATHANASOPOULOS E, POLYCHRONAKIS M, et al.PixelVault:using GPUs for securing cryptographic operations[C]//Proceedings of 2014 ACM SIGSAC Conference on Computer and Communications Security.New York, USA:ACM, 2014:1131-1142.
[17] PETERSON P A H.Cryptkeeper:improving security with encrypted RAM[C]//Proceedings of 2010 IEEE International Conference on Technologies for Homeland Security.Washington D.C., USA:IEEE Press, 2010:120-126.
[18] COLP P, ZHANG J W, GLEESON J, et al.Protecting data on smartphones and tablets from memory attacks[C]//Proceedings of the 20th International Conference on Architectural Support for Programming Languages and Operating Systems.New York, USA:ACM Press, 2015:177-189.
[19] GÖTZFRIED J, MÜLLER T, DRESCHER G, et al.RamCrypt:kernel-based address space encryption for user-mode processes[C]//Proceedings of the 11th ACM Asia Conference on Computer and Communications Security.New York, USA:ACM Press, 2016:919-924.
[20] GUAN L, CAO C, ZHU S C, et al.Protecting mobile devices from physical memory attacks with targeted encryption[C]//Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks.New York, USA:ACM Press, 2019:34-44.
[21] FERGUSON N.AES-CBC + Elephant diffuser:a disk encryption algorithm for Windows Vista[EB/OL].[2021-01-04].http://people.eecs.berkeley.edu/~raluca/cs261-f15/readings/bitlocker.pdf.
[22] BROZ M, KOZINA O, WAGNER A, et al.dm-crypt:Linux kernel device-mapper crypto target[EB/OL].[2021-01-04].https://gitlab.com/cryptsetup/cryptsetup/wikis/DMCrypt.
[23] ZHAO S J, ZHANG Q Y, HU G Y, et al.Providing root of trust for ARM TrustZone using on-chip SRAM[C]//Proceedings of the 4th International Workshop on Trustworthy Embedded Devices.New York, USA:ACM Press, 2014:25-36.

选择文件类型/文献管理软件名称

选择包含的内容

抗板级物理攻击的持久存储方法研究

Research on Persistent Storage Method Against Board-Level Physical Attacks

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献

相关文章 1

编辑推荐

Metrics

本文评价

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

抗板级物理攻击的持久存储方法研究

Research on Persistent Storage Method Against Board-Level Physical Attacks

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献

相关文章 1

编辑推荐

Metrics

本文评价