encrypted RAM at hardware-based level

grayway2

How would encrypted RAM works ?

What real benefits ?

Dont know much about it but it looks promising.

final

grayway2 How would encrypted RAM works ?

Memory encryption works by the device securely generating random encryption keys per-boot to encrypt the memory contents, which the CPU uses to access the encrypted memory when in use.

An example of this is Intel's Total Memory Encryption and AMD Secure Memory Encryption for desktops.

Additionally you can have hardware-based memory encryption that integrates with hardware virtualization to create separate encryption keys per virtual machine to isolate them.

grayway2 What real benefits ?

Memory encryption protects against advanced forensic analysis and physical attacks targeting memory. When a device is in use the RAM stores sensitive information such as derived encryption keys and data of in-use applications. Targeted attacks may involve using a cold-boot attack or creating specialist equipment to extract the RAM to attempt brute forcing/decrypting a device with disk encryption. Having a derived encryption key from memory allows a threat actor to brute force that key (if they know the key derivation parameters) with their only bottleneck being the computational strength they have and the security of the credential the key is derived from. Since they wouldn't need to interface with the device once they have keys, they aren't restricted by the OS throttling attempts or any security features that could erase the device.

With memory encryption, a threat would need to have both a highly resourceful and sophisticated attack to access the data in-use by the processor, this being exponentially more difficult to perform than a physical attack on the memory that it would almost not be worth attempting. It could be better to get data of the device through remote attacks instead.

An example of a similar attack involving RAM dumps to brute force the device is CVE-2024-29745 - which was used against Stock OS Pixels before April 2024. We reported this vulnerability: https://discuss.grapheneos.org/d/11860-vulnerabilities-exploited-in-the-wild-fixed-based-on-grapheneos-reports

While we have other features that protect against similar attacks such as automatic inactivity reboots and zeroing of freed memory, encrypted RAM would compliment the other features very well. It is something we'd like to see mobile devices have in the future, especially future GrapheneOS devices.

You can find info of current features at: https://grapheneos.org/features#exploit-mitigations
https://grapheneos.org/features#clearing-sensitive-data-from-memory

grayway2

final does the ram has to be embedded in the CPU so memory encryption become possible ?

When do you expect to see this technology on pixels ?

It would likely be the end of AFU exploit right ? I mean it looks to be extremely resourceful to bypass so the device will perform an auto reboot before an actor can deploy the necessary resources to do something.

final

grayway2 does the ram has to be embedded in the CPU so memory encryption become possible ?

grayway2 When do you expect to see this technology on pixels ?

We don't know, it's just something we would like to see.

grayway2 It would likely be the end of AFU exploit right ? I mean it looks to be extremely resourceful to bypass so the device will perform an auto reboot before an actor can deploy the necessary resources to do something.

Individual security features don't fix everything and are designed for protecting against a specific type of attack, for memory encryption it would close out the attack surface for physical extraction of memory. It wouldn't do much to protect against exploitation of the operating system i.e. sophisticated zero-click exploits or bypassing the lock screen of an AFU device. For example if the stock Android OS devices suddenly got memory encryption today but did not change anything else, Cellebrite would still be able to extract data: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-into-cellebrite-android-support-as-of-february-2025/#the-february-2025-support-matrix

GrapheneOS provides far greater protection in all of those fronts that the stock OS does not. Automatic reboot would also likely restart the device and make the miniscule window of opportunity impossible even in the default time, but bonus points to reduce the timer down if you wish - it would have to be premeditated and known about from the start.

grayway2

final thank you for taking the time to explain everything.

tV0gr

AFAIK on desktop the technology seems to be underused, and not every BIOS supports it. For TMK, only a few SKU has it enabled, and for AMD only the epyc 4004 series (and up) clearly has it listed, and it seems that the ryzen pro supports it as well.

What I was hoping to do with it was to confine devices such as ethernet adaptor to their own VM, with the goal to add an extra layer and better protect against rdma and dma attacks, and (hopefully) better contain low-level attack on such devices. Turns out my network adapter would need to support virtual functions which it doesn't; the integrated graphics seems to have support for it but it seems the BIOS does not.

Since I have clear indication that that the firmware quality is not what I expected (reading my logs was enough to trigger a BIOS update) I am planning to go that route after upgrading to a more capable motherboard, and I expect to still need a discrete network adaptor to properly support it.

My assumption is that as-is a would-be attacker would find exploiting misconfiguration (or lack of configuration thereof) much easier to exploit, and ecrypted memory won't protect against it much. It's possible that I am a few command lines away from doing it but so far it's doing something similar to this is more complicated than expected. https://www.linux-kvm.org/images/d/d7/Mktme_kvm_forum_2018.pdf

BTW, this is the notification I get at boot telling me that encrypted memory is enabled "kernel: x86/mktme: No known encryption algorithm is supported (..)". I suspect that even more hardening is possible, once it gets more mainstream.