Research Article
Protecting Encryption Keys in Mobile Systems Against Memory Errors
@ARTICLE{10.4108/eai.14-12-2015.2262698, author={Jianing Zhao and Peter Kemper}, title={Protecting Encryption Keys in Mobile Systems Against Memory Errors}, journal={EAI Endorsed Transactions on Security and Safety}, volume={3}, number={10}, publisher={ACM}, journal_a={SESA}, year={2016}, month={1}, keywords={mobile systems, encryption, fault injection, simulation, memory errors, software reliability}, doi={10.4108/eai.14-12-2015.2262698} }- Jianing Zhao
Peter Kemper
Year: 2016
Protecting Encryption Keys in Mobile Systems Against Memory Errors
SESA
EAI
DOI: 10.4108/eai.14-12-2015.2262698
Abstract
Beyond its use to encrypt data, an encryption key can be used as a mean to control access to data on a mobile de-vice by leveraging a cloud service. This implies that a key is present in a mobile device only when it is on demand and authorized by the cloud, the key is evicted when it is not in use. CleanOS is an example system that is based on this concept. For security reasons, keys are stored only in DRAM memory during execution, which makes them susceptible to memory errors. In this paper, we identify scenarios where a memory error that damages a key can escalate to an unrecoverable data loss in a mobile system.
Copyright © 2015 J. Zhao and P. Kemper, licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution licence (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.