In the age of WikiLeaks, Russian hacks and increased government surveillance, many computer users are feeling increasingly worried about how best to protect their personal information—even if they aren’t guarding state secrets.
Sweet dreams are made of this
“Protecting data is especially difficult when a computer goes to sleep, which happens when a laptop’s lid is closed, or after a certain period of user inactivity,” explains PhD candidate Lianying Zhao.
He explains that if a computer in this mode falls into the wrong hands, a malicious person can extract the data found in the machine’s random-access memory (RAM) in a number of technical ways.
“It’s been a known problem for several years, but no one’s proposed a viable way to solve it. Until now.”
You are getting sleepy …
Zhao developed the Hypnoguard system with Mohammad Mannan, an associate professor with the Concordia Institute for Information Systems Engineering.
It’s designed to protect “data-in-sleep.” When installed, the system encrypts the computer’s RAM before it enters sleep mode, and then decrypts the data upon waking with hardware-backed, uncircumventable user re-authentication.
“The entire process is transparent to the user, who simply enters a regular ‘unlock’ password when the computer wakes up,” explains Mannan. “There’s almost no impact on usability. For an average computer with eight gigabytes of memory, the process only takes about a second.”
He and Zhao designed the system by carefully integrating password-based authentication with widely available hardware security features in modern consumer-grade computers. They unveiled their work at the 2016 ACM Conference on Computer and Communications Security this October in Vienna.
Coming to a laptop near you
Having just filed a provisional US patent for the system, Mannan and Zhao hope that members of the general population as well as corporate and state users will soon be able to use Hypnoguard to protect critical data.
“Professionals for whom security is paramount—people like government agents, journalists and businessmen—should benefit the most in terms of protecting secrets in RAM. If their computer is lost or stolen, or if they are forced to reveal their password, Hypnoguard will provide that extra layer of protection. And if it’s combined with Gracewipe, another of our security systems, both RAM and disk data will be safe against password guessing and coercion attacks.”
1. Read the Hypnoguard paper from the ACM Conference proceedings.