Observing the user during early boot should not be sufficient to defeat the protection offered by Anti Evil Maid (AEM). Using time-based one-time passwords instead of a simple static secret text helps avoid attacks based on screen observation. Installing the improved AEM on removable media and using Linux Unified Key Setup (LUKS) key files deters keyboard observation, as an attacker would also need to seize the boot media. These enhancements are then made even stronger by adding revocable, TPM-assisted anti-replay protection for AEM secrets.

Organization

Student

Patrik Hagara

Mentors

  • Rusty Bird

2017