GlobalSign Blog

Can On-the-Fly RAM Encryption Secure Against Hardware Hackers?

RAM encryption is one of those perennial subjects that appears every few years, generates much speculation, and then disappears without trace. 

We seem to be in one of these cycles at the moment. This is likely because, given the seismic shift to remote work over the first half of 2020, cybersec professionals are suddenly worried about hardware security to a much higher degree than normal. You can use VPNs and encrypted mail servers all you like, goes the thinking, but what if an employee leaves their laptop on a train, and a hacker manages to pull all of their passwords out of their RAM?

Well, here's the reality: this type of attack is extremely rare, and it's not immediately apparent that encrypting RAM would prevent it. Let’s dig deeper.

Hardware Attacks on RAM

Initially, we need to define what type of attack RAM encryption would be able to defeat. At first glance, any data stored in RAM appears to be pretty secure, for two reasons.

The first is that your OS manages permissions to access RAM for programs and blocks these same programs from seeing the contents of the RAM designated to others. In principle, this means that every program has a hermetically sealed section of RAM all to itself. The second reason is that RAM is volatile, and so all the data it contains will be lost after the power supply is switched off.

This means that the only conceivable attack that could access data stored in RAM is one "from the outside." This has been demonstrated in lab conditions, but (to my knowledge) has never been seen in the wild. This kind of attack would involve a cold restart of a machine that is already in the possession of the hacker, and an extremely fast recovery of RAM data before it disappears.

If that sounds familiar, it's because the same kind of technique is often used by one particular type of hacker: whitehat forensics operators. When computers are recovered from crime scenes, they will be "attacked" in precisely this fashion, in order to recover any encrypted information. If the computer was still running before this restart, and the RAM could be accessed extremely quickly, it's possible that this data could be recovered.

Protecting RAM With Encryption

This type of attack – even if it remains theoretical – has been enough of a concern for engineers to seriously investigate the possibility of encrypting RAM. 

At first glance, that might sound like an absurd idea. That's because whichever CPU is going to be encrypting the RAM will need memory space to store this data while it works on it, and this memory space is going to be in...RAM. So attempting to encrypt RAM using standard architectures is a little like literally trying to pull yourself up by your bootstraps.

As a result, systems that run with encrypted RAM have to use exotic architectures. There is, for instance, a two-decades-old article from Anderson and Kuhn which cites a Dallas DS5002FP that is able to encrypt its own RAM. It does so by using hard-coded encryption protocols inside the CPU.

Other solutions may exist, though. CPUs do not work directly on RAM, after all, but load data from it into caches. It's conceivable that the data could be loaded into a cache in encrypted form, decrypted, worked with, and then re-encrypted before being passed to RAM. But this approach, unfortunately, merely shifts the problem to one of protecting caches.
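The cache-based flow described above, modelled as an added example (not code from the article, the paper it cites, or any CPU vendor). The 64-byte line size, the HMAC-SHA256 pad standing in for a hardware cipher, and every class and function name are assumptions made for illustration.

```python
import hashlib
import hmac

LINE = 64  # assumed cache-line size in bytes

class EncryptedRAM:
    """Toy model: key and cache live on-die; DRAM only ever holds ciphertext."""
    def __init__(self, size, key):
        self._key = key              # stays inside the CPU, never stored in dram
        self.cache = {}              # line number -> plaintext bytearray
        self.dram = bytearray(size)  # what someone holding the memory chips sees

    def _crypt(self, n, data):
        # XOR with an address-tweaked HMAC-SHA256 pad: a stand-in for the hardware
        # cipher that models data flow only (a fixed pad leaks old^new on rewrite).
        pad = b"".join(hmac.new(self._key, b"%d:%d" % (n, i), hashlib.sha256).digest()
                       for i in range(LINE // 32))
        return bytearray(a ^ b for a, b in zip(data, pad))

    def _line(self, n):
        if n not in self.cache:  # miss: fetch ciphertext, decrypt on-die
            self.cache[n] = self._crypt(n, self.dram[n * LINE:(n + 1) * LINE])
        return self.cache[n]

    def write(self, addr, data):
        for i, byte in enumerate(data):
            self._line((addr + i) // LINE)[(addr + i) % LINE] = byte

    def read(self, addr, count):
        return bytes(self._line((addr + i) // LINE)[(addr + i) % LINE] for i in range(count))

    def flush(self):
        for n, plain in self.cache.items():  # write-back: re-encrypt first
            self.dram[n * LINE:(n + 1) * LINE] = self._crypt(n, plain)
        self.cache.clear()

def demo():
    ram = EncryptedRAM(4 * LINE, key=b"\x01" * 32)  # constructed key and data
    secret = b"hunter2-constructed-password"
    ram.write(10, secret)
    ram.write(LINE + 10, secret)                    # same bytes, different line
    cached = any(secret in bytes(line) for line in ram.cache.values())
    ram.flush()
    return {
        "plaintext_in_cache_before_flush": cached,
        "plaintext_in_dram_after_flush": secret in bytes(ram.dram),
        "same_data_same_ciphertext": ram.dram[10:38] == ram.dram[LINE + 10:LINE + 38],
        "round_trip_ok": ram.read(10, len(secret)) == secret,
    }
```

Calling demo() shows both halves of the paragraph: after a flush the DRAM image contains no plaintext, but before it the secret sits unencrypted in the cache.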

In other words, encrypting RAM is simply not feasible at a technical level, and this is not even to mention a number of other problems with the idea.

The Limitations

In addition to being extremely awkward from a systems architecture point of view, encrypted RAM would also have a number of disadvantages.

The most obvious of these is that it would be very, very slow. The efficacy of RAM is largely constrained by the speed at which it can be written and read, and in fact most of the advances in RAM technology over the past few decades have sought to improve these speeds. Having to encrypt all this data every time would make a machine running this kind of RAM insanely slow. As in it might literally drive one insane to attempt to use it.

Secondly, it's not obvious that encrypting RAM would be a good way of protecting data. Data is only in RAM, after all, because it’s being used. For most computers today, that means that it is being shared over a network, or at least that the host machine is networked. It's unlikely that an attacker would go to the effort of stealing the physical machine, and then go through a cold boot process, when the same data is likely to be much more easily accessible via a man-in-the-middle attack.

The Bottom Line

This is not to say, of course, that in the never-ending pursuit of security RAM encryption should not be explored. For industrial control systems that are vulnerable to physical intrusion, and in which operational speed is not an issue, RAM encryption might (just about) be a feasible solution.

But if you've come to this article looking for a way to protect your firm's computers when your employees inevitably leave them on the train, I've got some bad news for you. RAM encryption is not the solution.

You should make sure that the hard disks of these machines are encrypted, of course, and have processes in place to verify that the anti-virus software is always up to date. You should also make sure that the employee's password is not on a sticky note on the keyboard. In other words, the data stored in RAM is the least of your worries.

Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign.
