eliminating cache based timing attacks with instruction
play

Eliminating cache-based timing attacks with instruction-based - PowerPoint PPT Presentation

Aug 31, 2022 •323 likes •936 views

Eliminating cache-based timing attacks with instruction-based scheduling Deian Stefan , Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, and David Mazires Motivation: IFC Web platforms Platforms allow 3rd-party developers

  1. Eliminating cache-based timing attacks with instruction-based scheduling Deian Stefan , Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, and David Mazières

  2. Motivation: IFC Web platforms Platforms allow 3rd-party developers to build apps that use our personal data ➤ Extend the websites beyond original intent!

  3. Motivation: IFC Web platforms Platforms allow 3rd-party developers to build apps that use our personal data ^and sometimes leak ➤ Extend the websites beyond original intent!

  4. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access Cannot guarantee what app does with data

  5. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ✗ ➤ Restrict what data app can access Cannot guarantee what app does with data

  6. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access Cannot guarantee what app does with data

  7. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access Cannot guarantee what app does with data

  8. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  9. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Name: Joe Smith Nick: Small J Occupation: N/A Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  10. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy editor ... Challenge: can we ensure address photo apps don’t leak data? book Name: Joe Smith Nick: Small J Occupation: N/A Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  11. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy editor ... Challenge: can we ensure address photo apps don’t leak data? book Name: Joe Smith Nick: Small J Occupation: N/A Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  13. Motivation: IFC Web platforms Solution: Information flow editor ... control Web platform: Hails address photo book Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance ➤ Restrict who app can communicate with depending on data it reads

  14. Motivation: IFC Web platforms Solution: Information flow editor ... control Web platform: Hails address photo book Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  15. Motivation: IFC Web platforms Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  16. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  17. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app IFC: Can app write can access with clearance sensitive data to nsa.gov? IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  18. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J ✗ Occupation: make U.S. gov unhappy Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app IFC: Can app write can access with clearance sensitive data to nsa.gov? IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  19. Hails Web-platform framework wiki.gitstar.com • Hails is built atop the LIO learnbyhacking.org Hails framework www.gitstar.com ➤ Concurrent, dynamic, Hails framework ≀≀ ≀ LIO IFC system ≀ language-level IFC system Hails framework ≀≀ ≀ LIO IFC system ≀ GHC Haskell Runtime ≀≀ ≀ LIO IFC system ≀ • Hails apps are LIO programs GHC Haskell Runtime GHC Haskell Runtime ➤ Access database, filesystem, network, etc. according to IFC

  20. Challenge: covert channels • Malicious apps will try to leak data through any means, including covert channels ➤ E.g., termination, internal timing, and external timing channels • LIO addresses these channels at the language level Theorem: Termination-sensitive non-interference ➤ Confidentiality and integrity of data is preserved regardless of the timing/termination behavior of threads

  21. Challenge: covert channels • Malicious apps will try to leak data through any means, including covert channels ➤ E.g., termination, internal timing, and external timing channels ✗ • LIO addresses these channels at the language level Theorem: Termination-sensitive non-interference ➤ Confidentiality and integrity of data is preserved regardless of the timing/termination behavior of threads

  22. Reality check Cache Rules Everything Around Me • Not modeling hardware features ➠ theorem only holds for ideal execution machine • Can usually exploit system by leveraging features not captured by model ➤ E.g., finite memory, disk-head location, CPU- bus, translation look-aside buffer, L1-L3 caches Focus: hardware-level caches

  23. Cache-based attack Cache lowArray := fillArray( ) if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output output := A 1: 2: output := B

  24. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: 2:

  25. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: 2:

  26. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: A output := A 2:

  27. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: A output := A 2:

  28. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: A output := A 2:

  29. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: output := B

  30. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2:

  31. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: B output := B

  32. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: A B output := B output := A

  33. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: A B output := B Directly encodes / . output := A

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr. Principal Software Engineer 2019/02/19 What are cache based attacks ? In cryptography In cryptographic operations, leaking the internal state of a

338 views • 8 slides
Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l. 2018/12/06 Agenda 2 STM32 Nucleo Boards STM32 Firewall Cache-Timing Attack Evict&Time vs. MbedTLS AES on STM32

477 views • 20 slides
CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded Systems (CHES) 2019 Alejandro Cabrera Aldaya 1 , Cesar Pereida Garca 2 , Luis Manuel Alvarez Tapia 1 , Billy Bob Brumley 2 , {aldaya,

371 views • 21 slides
Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This paper reports successful Thanks to: extraction of a complete AES key University of Illinois at Chicago from a network server NSF CCR9983950 on

1.28k views • 91 slides
DAWG : A Defense Against Cache Timing Attacks in Speculative Execution Processors Vladimir

DAWG : A Defense Against Cache Timing Attacks in Speculative Execution Processors Vladimir

DAWG : A Defense Against Cache Timing Attacks in Speculative Execution Processors Vladimir Kiriansky, Ilia Lebedev, Saman Amarasinghe, Srinivas Devadas, Joel Emer {vlk, ilebedev, saman, devadas, emer}@csail.mit.edu MICRO'18

949 views • 78 slides
Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing attacks important? Clarifications Zero-One Gap / Neighborhood Size etc. Problems Questions Extensions Contribution Discussion

645 views • 26 slides
System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus Peinado, Gloria Mainar-Ruiz MIT CSAIL Microsoft Research Security is a big concern in cloud adoption Why are cache-based side channel

588 views • 38 slides
Mitigating Software Instrumentation Cache Effects in Measurement-Based Timing Analysis 1 Enrique

Mitigating Software Instrumentation Cache Effects in Measurement-Based Timing Analysis 1 Enrique

Mitigating Software Instrumentation Cache Effects in Measurement-Based Timing Analysis 1 Enrique Daz 1,2 , Jaume Abella 2 , Enrico Mezzetti 2 , 4 Irune Agirre 3 , Mikel Azkarate-Askasua 3 , 2 Tullio Vardanega 4 , Francisco J. Cazorla 2,5 5 3

545 views • 25 slides
The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen, Nick Nikiforakis Background: Timing attacks Introduced by Felten et al. in 2000. A side-channel attack analyzing the time that it takes to a

642 views • 21 slides
A Time Predictable Instruction Cache for a Java Processor Martin Schoeberl Overview

A Time Predictable Instruction Cache for a Java Processor Martin Schoeberl Overview

A Time Predictable Instruction Cache for a Java Processor Martin Schoeberl Overview Motivation Cache Performance Java Properties Method Cache WCET Analysis Results Conclusion, Future Work JOP Method Cache 2

533 views • 25 slides
Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie

Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie

Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie Xiong and Jakub Szefer Yale University HASP June 2, 2018 Memory System Cache Memory CPU Typical set-associative cache sets ways cache

640 views • 25 slides
S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer,

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer,

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard August 15, 2019 Graz University of Technology What is S CATTER C ACHE ? www.tugraz.at Alternative design for n-way

460 views • 27 slides
Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES

Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES

Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES Bholanath Roy Research Scholar Advanced Encryption Standard(AES) Design of an Espionage Network : Attack Architecture Espionage Infrastructure

435 views • 4 slides
Motivations Instruction cache (icache) misses can FICO drastically decrease code performance a

Motivations Instruction cache (icache) misses can FICO drastically decrease code performance a

Motivations Instruction cache (icache) misses can FICO drastically decrease code performance a Fast Instruction Cache Optimizer The problem is even more important for 1-level direct mapped caches Author: Marco Garatti On Lx ST210 the icache

477 views • 4 slides
Improving the Energy and Execution Efficiency of a Small Instruction Cache by Using an

Improving the Energy and Execution Efficiency of a Small Instruction Cache by Using an

Improving the Energy and Execution Efficiency of a Small Instruction Cache by Using an Instruction Register File Stephen Hines, Gary Tyson, David Whalley Computer Science Dept. Florida State University September 30, 2005 Introduction

424 views • 38 slides
Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France November 16, 2017 Cryptacus Workshop, Nijmegen, Netherlands the attacker only needs unprivileged execution on the victims machine

1.99k views • 164 slides
The Command Line Matthew Bender CMSC Command Line Workshop October 23 Matthew Bender (2015)

The Command Line Matthew Bender CMSC Command Line Workshop October 23 Matthew Bender (2015)

The Command Line Matthew Bender CMSC Command Line Workshop October 23 Matthew Bender (2015) The Command Line October 23 1 / 17 Text Editors Section 1 Text Editors Matthew Bender (2015) The Command Line October 23 2 / 17 Text Editors

328 views • 20 slides
Refactoring C++ with Clang Or how to make C++ more fun than Java Manuel Klimek - Google We care

Refactoring C++ with Clang Or how to make C++ more fun than Java Manuel Klimek - Google We care

Refactoring C++ with Clang Or how to make C++ more fun than Java Manuel Klimek - Google We care about... We care about... Performance We care about... Performance Productivity We care about... Performance Productivity

1.46k views • 65 slides
Cost-Effective Integration of MKM Semantic Services into Editing Environments CICM 2012

Cost-Effective Integration of MKM Semantic Services into Editing Environments CICM 2012

Cost-Effective Integration of MKM Semantic Services into Editing Environments CICM 2012 Constantin Jucovschi Jacobs University July 10, 2012 Motivation Service-Editor Integrations Call for Action Service + Editor integration Better

500 views • 27 slides
Writing simple programs Functions The input-compute-output pattern Writing functions

Writing simple programs Functions The input-compute-output pattern Writing functions

As you arrive: 1. Start up your computer and plug it in 2. Log into Angel and go to CSSE 120 3. Do the Attendance Widget the PIN is on the board 4. Go to the course Schedule Page From your bookmark , or from the Lessons tab in Angel 5.

758 views • 38 slides
Towards a Uniform User Interface for Editing Data Shapes Ben De Meester ,

Towards a Uniform User Interface for Editing Data Shapes Ben De Meester ,

Towards a Uniform User Interface for Editing Data Shapes Ben De Meester , ben.demeester@ugent.be, @Ben__DM Pieter Heyvaert, Anastasia Dimou, and Ruben Verborgh IDLab, Department of Electronics and Information Systems, Ghent University

392 views • 16 slides
Image Composite Editor (ICE) Created by the Microsoft Research Computational Photography Group

Image Composite Editor (ICE) Created by the Microsoft Research Computational Photography Group

Image Composite Editor (ICE) Created by the Microsoft Research Computational Photography Group Image Composite Editor (ICE) Given a set of overlapping photographs of a scene shot from a single camera location, the app creates a

1.81k views • 32 slides
Summary To learn how to set up a container-based platform, called Docker, for use in all class

Summary To learn how to set up a container-based platform, called Docker, for use in all class

1 Due: Today, 11:59 pm CMPSC 300 Bioinformatics Fall 2019 Lab 1: Installing Software and a Written Reflection Summary To learn how to set up a container-based platform, called Docker, for use in all class activities, labs and practicals. To

580 views • 8 slides
FOSDEM Sylvestre Ledru / February 2nd, 2013 Professional Services & Support for Scilab,

FOSDEM Sylvestre Ledru / February 2nd, 2013 Professional Services & Support for Scilab,

FOSDEM Sylvestre Ledru / February 2nd, 2013 Professional Services & Support for Scilab, Free Open Source Software for Numerical Computation Sylvestre Ledru Operation manager at Scilab Enterprises Responsible of GNU/Linux & Mac

669 views • 41 slides

More recommend