Abstract

We present HyperCrypt, a hypervisor-based solution that encrypts the entire kernel and user space to protect against physical attacks on main memory, such as cold boot attacks. HyperCrypt is fully transparent for the guest operating system and all applications running on top of it. At any time, only a small working set of memory pages remains in clear while the vast majority of pages are constantly kept encrypted. By utilizing CPU-bound encryption, the symmetric encryption key is never exposed to RAM. We evaluated our prototype running a standard Linux system with an nginx web sever. With the default configuration of 1024 cleartext pages, successful cold boot attacks are rendered highly unlikely due to large caches of at least 4 MB in modern CPUs. The performance overhead of nginx is raised by factor 1.37 compared to a non-virtualized system.

Paper: HyperCrypt (by Johannes Götzfried, Nico Dörr, Ralph Palutke, and Tilo Müller)
Slides: HyperCrypt Slides (presented at ARES’16, Salzburg, Austria)

Get the Code

Implementation (by Nico Dörr):
hypercrypt-bitvisor-1.4.patch: HyperCrypt patch for BitVisor (Version 1.4)