Proof of Concept of the project:
Panagiotis Papadopoulos, Giorgos Vasiliadis, Giorgos Christou, Evangelos Markatos, Sotiris Ioannidis,
"No Sugar but All the Taste! Memory Encryption Without Architectural Support", In Proceedings of European Symposium on Research in Computer Security (ESORICS 2017)
https://link.springer.com/chapter/10.1007/978-3-319-66399-9_20
Judge Alice uses an in-memory sqlite3 database in an untrusted VM to store the names of all witnesses in the murder Case No 3134. Eve, who works for the cloud company, is paid by the main suspect to retrieve the list of witnesses, and she is capable of cryo-freezing the physical RAM (cold boot) at any time.
- sqlite3_vanilla: sqlite3 v3.23.0 vanilla
- sqlite3_protected: sqlite3 v3.23.0 protected through memory encryption
- eve.sh: presents the data Eve will see the moment she performs the cold boot
- alice.sh: presents the data that Alice can see after decrypting the data
make build
make
ruby patch.rb
sh eve.sh (in window one)
./sqlite3_vanilla (in-memory database in window two)
.read populate.sql (from inside sqlite2 cl)
./sqlite3_protected (in-memory database in window two)
.read populate.sql (from inside sqlite2 cl)
make cleanall