covert and side channel attacks and defenses
play

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 - PowerPoint PPT Presentation

Nov 28, 2023 •356 likes •1.03k views

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher Reminder Lab assignment will be released 09/21 Monday Recommend to read Cache missing for fun and profit. (2005).

  1. Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher

  2. Reminder • Lab assignment will be released 09/21 Monday • Recommend to read ”Cache missing for fun and profit.” (2005). • Check out the presentation schedule on course website • 7 slots empty, volunteer or invited speaker or Mengjia/Miles 6.888 L4-Covert and Side Channels 2

  3. Resources • Side channel tutorial website • https://sites.google.com/view/arch-sec/home • External resources • Mastik, a toolkit for uarch side channels: https://cs.adelaide.edu.au/~yval/Mastik/ • Survey on microarchitectural timing attacks: https://eprint.iacr.org/2016/613.pdf • Survey on transient execution attacks: https://arxiv.org/abs/1811.05441 6.888 L4-Covert and Side Channels 3

  4. What is Covert and Side Channel? Covert channel: • Intended communication between two or more security parties Side channel: • Unintended communication between two or more security parties 6.888 L4-Covert and Side Channels 4

  5. What is Covert and Side Channel? Covert channel: • Intended communication between two or more security parties Side channel: • Unintended communication between two or more security parties In both cases: • Communication should not be possible, following system semantics • The communication medium is not designed to be a communication channel 6.888 L4-Covert and Side Channels 4

  6. What is Covert and Side Channel? Covert channel: • Intended communication between two or more security parties Side channel: • Unintended communication between two or more security parties In both cases: • Communication should not be possible, following system semantics • The communication medium is not designed to be a communication channel Covert channel can show “best case” leakage 6.888 L4-Covert and Side Channels 4

  7. Scope CIA: Confidentiality, Integrity, Availability 6.888 L4-Covert and Side Channels 5

  8. Scope CIA: Confidentiality, Integrity, Availability Confidentiality: was data being computed upon not revealed to an un-permitted party? Integrity: was the computation performed correctly, returning the correct result? Availability: did the computational resource carry out the task at all? 6.888 L4-Covert and Side Channels 5

  9. Scope CIA: Confidentiality, Integrity, Availability Confidentiality/Privacy Confidentiality: was data being computed upon not revealed to an un-permitted party? Integrity: was the computation performed correctly, returning the correct result? Availability: did the computational resource carry out the task at all? 6.888 L4-Covert and Side Channels 5

  10. Scope CIA: Confidentiality, Integrity, Availability Confidentiality/Privacy Side/covert channels Confidentiality: was data being computed upon not revealed to an un-permitted party? Integrity: was the computation performed correctly, returning the correct result? Availability: did the computational resource carry out the task at all? 6.888 L4-Covert and Side Channels 5

  11. Scope CIA: Confidentiality, Integrity, Availability Confidentiality/Privacy Side/covert channels Confidentiality: was data being computed upon not revealed to an un-permitted party? Microarchitectural channels Integrity: was the computation performed correctly, returning the correct result? Availability: did the computational resource carry out the task at all? 6.888 L4-Covert and Side Channels 5

  12. Side Channels Are Almost Everywhere

  13. Daily Life Examples • Acoustic side channels • Monitor keystrokes • You only need: a cheap microphone + an ML model 6.888 L4-Covert and Side Channels 7

  14. Daily Life Examples • Acoustic side channels • Monitor keystrokes • You only need: a cheap microphone + an ML model • Network traffic contention side channel • If you want to be an active attacker, try stress test 6.888 L4-Covert and Side Channels 7

  15. “Hear” The Screen frequency time Sound Spectogram Genkin et. al. Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels. S&P’19 6.888 L4-Covert and Side Channels 8

  16. “Hear” The Screen (A) is the LCD panel, (B) is the screen’s digital logic and image rendering board and, (C) is the screen’s power supply board. 6.888 L4-Covert and Side Channels 9

  17. Network Side Channels • Website Fingerprinting Lescisin et. al. Tools for Active and Passive Network Side-Channel Detection for Web Applications. WOOT’18 Cai et. al. Touching from a distance: Website fingerprinting attacks and defenses. CCS’12. 6.888 L4-Covert and Side Channels 10

  18. Network Side Channels • Website Fingerprinting • Response dependent: • iSideWith.com • Real-time feedback: • Google Search auto-complete Lescisin et. al. Tools for Active and Passive Network Side-Channel Detection for Web Applications. WOOT’18 Cai et. al. Touching from a distance: Website fingerprinting attacks and defenses. CCS’12. 6.888 L4-Covert and Side Channels 10

  19. Physical v.s. Timing v.s. uArch Channel • What can the adversary observe? 6.888 L4-Covert and Side Channels 11

  20. Physical v.s. Timing v.s. uArch Channel • What can the adversary observe? Physical channels Power, EM, sound, etc. Processor Victim Attacker requires measurement equipment à physical access 6.888 L4-Covert and Side Channels 11

  21. Physical v.s. Timing v.s. uArch Channel • What can the adversary observe? Timing channels Physical channels Power, EM, sound, etc. Processor Processor Response time Victim Victim Attacker requires measurement Attacker may be remote (e.g., equipment à physical access over an internet connection) 6.888 L4-Covert and Side Channels 11

  22. Physical v.s. Timing v.s. uArch Channel • What can the adversary observe? Microarchitectural Timing channels Physical channels channels Microarch events (e.g., timing, perf. Power, EM, counters, etc.) sound, etc. Processor Processor Processor Response Victim time Victim Victim Attacker Attacker requires measurement Attacker may be remote (e.g., Attacker may be remote, equipment à physical access over an internet connection) or be co-located 6.888 L4-Covert and Side Channels 11

  23. Power Analysis from https://en.wikipedia.org/wiki/Power_analysis 6.888 L4-Covert and Side Channels 12

  24. Victim Application: RSA • Square-and-multiply based exponentiation Input : base b , modulo m , exponent e = ( e n −1 ... e 0 ) 2 Output : b e mod m r = 1 for i = n −1 down to 0 do r = sqr ( r ) r = mod ( r , m ) if e i == 1 then r = mul ( r , b ) r = mod ( r , m ) end end return r 6.888 L4-Covert and Side Channels 13

  25. Victim Application: RSA • Square-and-multiply based exponentiation Input : base b , modulo m , exponent e = ( e n −1 ... e 0 ) 2 Output : b e mod m r = 1 for i = n −1 down to 0 do r = sqr ( r ) r = mod ( r , m ) if e i == 1 then r = mul ( r , b ) r = mod ( r , m ) end end return r 6.888 L4-Covert and Side Channels 13

  26. Power Analysis 6.888 L4-Covert and Side Channels 14

  27. Power Analysis • Various signal processing techniques to de-noise. • More advanced: differential power analysis (DPA) 6.888 L4-Covert and Side Channels 14

  28. Benign Usage: Non-intrusive Software Monitoring • How to efficiently monitor application for anomaly detection? Sehatbakhsh et al. Spectral Profiling: Observer-Effect-Free Profiling by Monitoring EM Emanations. MICRO’16 6.888 L4-Covert and Side Channels 15

  29. Benign Usage: Non-intrusive Software Monitoring • How to efficiently monitor application for anomaly detection? Sehatbakhsh et al. Spectral Profiling: Observer-Effect-Free Profiling by Monitoring EM Emanations. MICRO’16 6.888 L4-Covert and Side Channels 15

  30. What can you do with these channels? • Violate privilege boundaries • Inter-process communication • Infer an application’s secret • (Semi-Invasive) application profiling 6.888 L4-Covert and Side Channels 16

  31. What can you do with these channels? • Violate privilege boundaries • Inter-process communication • Infer an application’s secret • (Semi-Invasive) application profiling Different from traditional software or physical attacks: • Stealthy. Sophisticated mechanisms needed to detect channel • Usually no permanent indication one has been exploited 6.888 L4-Covert and Side Channels 16

  32. uArch Side Channels

  33. Recap: Process Isolation Process 1 Physical Address Space Page Table per process (limited by DRAM size) VA 4KB PA 4KB Process 2 4KB 4KB Virtual Address Space (Programmer's View) 6.888 L4-Covert and Side Channels 18

  34. Recap: Process Isolation Process 1 Physical Address Space Page Table per process (limited by DRAM size) VA 4KB PA 4KB Process 2 4KB 4KB How to communicate across processes? Virtual Address Space (Programmer's View) 6.888 L4-Covert and Side Channels 18

  35. Normal Cross-process Communication include <socket.h> void send(bit msg) { socket.send(msg); } bit recv() { return socket.recv(msg); } 6.888 L4-Covert and Side Channels 19

  36. Normal Cross-process Communication include <socket.h> How to communication void send(bit msg) { without letting OS know? socket.send(msg); } bit recv() { return socket.recv(msg); } 6.888 L4-Covert and Side Channels 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from

Covert and Side Channel Attacks and Defenses Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher Reminder Lab assignment will be released 09/21 Monday Recommend to read Cache missing for fun and profit. (2005).

562 views • 38 slides
Side-Channel Attacks and Defenses for SGX and SEV Yinqian Zhang Associate Professor Computer

Side-Channel Attacks and Defenses for SGX and SEV Yinqian Zhang Associate Professor Computer

Open Source Enclave Workshop 2019 Side-Channel Attacks and Defenses for SGX and SEV Yinqian Zhang Associate Professor Computer Science &amp; Engineering The Ohio State University Userland TEEs on Commodity Processors Application VM VM

154 views • 14 slides
+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel Architectures WAMOS 2015 Advanced Opera3ng Systems Hochschule RheinMain Alexander Baumgrtner and

539 views • 25 slides
Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that

Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that

Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy US DoD 1985 Basically a

1.04k views • 67 slides
Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of

Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of

Systems Security: Side-channel attacks Stjepan Picek s.picek@tudelft.nl Delft University of Technology, The Netherlands May 6, 2018 Outline 1 Side-channels 2 Implementation Attacks 3 Side-channel Attacks 4 Fault Injection 2 / 48

824 views • 48 slides
Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 18

Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 18

I SAP Towards Side-channel Secure AE Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Thomas Unterluggauer FSE 2017 www.iaik.tugraz.at Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . .

635 views • 30 slides
Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 21

Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . . . 1 / 21

I SAP Towards Side-channel Secure AE Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, Florian Mendel, Thomas Unterluggauer ESC 2017 www.iaik.tugraz.at Introduction Problem: side-channel attacks Countermeasures: hiding, masking, TI . .

476 views • 33 slides
Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet

Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet

Randomness as countermeasures against Side Channel Attacks Nadia El Mrabet nadia.el-mrabet@emse.fr Mines St Etienne WRACH2019, April 17, 2019 Side channel attacks Physical counter measures Algorithmic counter measures Arithmetical

900 views • 36 slides
Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas

Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas

Behind the Scene of Side Channel Attacks ASIACRYPT 2013 Victor LOMNE, Emmanuel PROUFF and Thomas ROCHE ANSSI (French Network and Information Security Agency) Thursday, December 3rd, 2013 Side Channel Attacks (SCA)| Linear Regression Attack

340 views • 32 slides
SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna Ors Yal cn Istanbul Technical University Department of Electronics and Communication Engineering Introduction A side-channel analysis attack

1.81k views • 99 slides
Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks

Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks

Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks Pieter Robyns Motivation and introduction Motivation Information about performing EM side-channel attacks using SDR is quite scarce A few

758 views • 42 slides
HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume that secret keys are utilized by implementations of the algorithm in a secure fashion, with access only allowed through the I/Os Unfortunately,

363 views • 12 slides
Elliptic Curve Cryptography on Embedded Devices Scalar Multiplication and Side-Channel Attacks

Elliptic Curve Cryptography on Embedded Devices Scalar Multiplication and Side-Channel Attacks

Elliptic Curves Side-Channel Countermeasures Conclusion Elliptic Curve Cryptography on Embedded Devices Scalar Multiplication and Side-Channel Attacks Vincent Verneuil 1 , 2 1 Inside Secure 2 Institut de Math ematiques de Bordeaux S

2.22k views • 188 slides
AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS PHISIC 2018 |

AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS PHISIC 2018 |

Nicolas Belleville Damien Courouss Karine Heydemann Henri-Pierre Charles AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS PHISIC 2018 | Belleville Nicolas INTRODUCTION Focus on power/EM based side channel

535 views • 31 slides
AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS SIDE CHANNEL ATTACKS

AUTOMATED SOFTWARE PROTECTION FOR THE MASSES AGAINST SIDE-CHANNEL ATTACKS SIDE CHANNEL ATTACKS

Nicolas Belleville 1 Damien Courouss 1 Karine Heydemann 2 1 Univ Grenoble Alpes, CEA, List, F-38000 Grenoble, France Henri-Pierre Charles 1 firstname.lastname@cea.fr 2 Sorbonne Universit, CNRS, LIP6, F-75005, Paris, France

715 views • 53 slides
Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com

Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com MCrypt Seminar Aug. 11th 2014 Outline 1 Introduction 2 Modeling side-channel leakage 3 Achieving provable security against SCA

1.62k views • 92 slides
Open-Channel SSDs Matjas Bjrling LinuxCon North America 2015 1 Solid State Drives H i g h

Open-Channel SSDs Matjas Bjrling LinuxCon North America 2015 1 Solid State Drives H i g h

Open-Channel SSDs Matjas Bjrling LinuxCon North America 2015 1 Solid State Drives H i g h T h r o u g h p u t + L o w L a t e n c y P a r a l l e l i s m + C o n t r o l l e r Why Open-Channel

442 views • 16 slides
Channel Bindings draft-ietf-nfsv4-channel-bindings-00.txt Nicolas.Williams@sun.com NOTE: The

Channel Bindings draft-ietf-nfsv4-channel-bindings-00.txt Nicolas.Williams@sun.com NOTE: The

Channel Bindings draft-ietf-nfsv4-channel-bindings-00.txt Nicolas.Williams@sun.com NOTE: The slides have not been modified since the presentation made at the 58 th IETF SAAG meeting, but notes have been added. NOTE: One slide has been added

517 views • 20 slides
Users Executive Committee (UEC) Report Jiyeon Han (Pittsburgh) on behalf of UEC June. 18th / New

Users Executive Committee (UEC) Report Jiyeon Han (Pittsburgh) on behalf of UEC June. 18th / New

Users Executive Committee (UEC) Report Jiyeon Han (Pittsburgh) on behalf of UEC June. 18th / New Perspective What is the Users Executive Committee? The purpose of the UEC : Provide a forum for discussion of scientific and

439 views • 21 slides
Shaping research for the years to come the next EU Framework Programme for R&amp;I and other

Shaping research for the years to come the next EU Framework Programme for R&amp;I and other

Shaping research for the years to come the next EU Framework Programme for R&amp;I and other policies GSSI 17.6.20 LC outline/timeline evaluation of the previous FPs HE support from Framework&amp;Spe EIC towards the expert

1.15k views • 71 slides
some channel models Input X P(y|x) output Y transition probabilities memoryless: - output at

some channel models Input X P(y|x) output Y transition probabilities memoryless: - output at

some channel models Input X P(y|x) output Y transition probabilities memoryless: - output at time i depends only on input at time i - input and output alphabet finite Example: binary symmetric channel (BSC) 1-p Error Source 0 0 E p Y

528 views • 23 slides
Resistive Memories Marwen Zorgui, Mohammed E. Fouda, Zhiying Wang, Ahmed Eltawil, and Fadi Kurdahi

Resistive Memories Marwen Zorgui, Mohammed E. Fouda, Zhiying Wang, Ahmed Eltawil, and Fadi Kurdahi

Polar Coding for Selector-less Resistive Memories Marwen Zorgui, Mohammed E. Fouda, Zhiying Wang, Ahmed Eltawil, and Fadi Kurdahi University of California, Irvine Non-Volatile Memories Workshop, Mar 11, 2019 Agenda Varying Sneak Path in

441 views • 16 slides
NDN-RTC and Experimental Library Func:onality Peter Gusev NDNComm, March 2017 Flume Slack

NDN-RTC and Experimental Library Func:onality Peter Gusev NDNComm, March 2017 Flume Slack

NDN-RTC and Experimental Library Func:onality Peter Gusev NDNComm, March 2017 Flume Slack channels + Skype with DVR Conversa:onal group channels Publish audio/video within the text chat context Seamless DVR-like playback and

502 views • 19 slides
Formal Modeling in Cognitive Science 1 Noisy Channel Model Channel Capacity Lecture 29: Noisy

Formal Modeling in Cognitive Science 1 Noisy Channel Model Channel Capacity Lecture 29: Noisy

Noisy Channel Model Noisy Channel Model Kullback-Leibler Divergence Kullback-Leibler Divergence Cross-entropy Cross-entropy Formal Modeling in Cognitive Science 1 Noisy Channel Model Channel Capacity Lecture 29: Noisy Channel Model and

236 views • 5 slides

More recommend