hardening application
play

Hardening Application Security using Intel SGX Max Plauth, Frederik - PowerPoint PPT Presentation

Oct 18, 2023 •106 likes •423 views

Hardening Application Security using Intel SGX Max Plauth, Frederik T eschke, Daniel Richter, and Andreas Polze Operating Systems & Middleware Group Hasso Plattner Institute at University of Potsdam, Germany Motivation data security:

  1. Hardening Application Security using Intel SGX Max Plauth, Frederik T eschke, Daniel Richter, and Andreas Polze Operating Systems & Middleware Group Hasso Plattner Institute at University of Potsdam, Germany

  2. Motivation ▪ data security: encryption ▪ securely transporting data ▪ secure data processing 2 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  3. Motivation ▪ trusted computing approaches ▪ Trusted Platform Modules ▪ ARM’s TrustZone ▪ Intel’s Software Guard Extensions (SGX) 3 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  4. Motivation Intel SGX ▪ not widely utilized ▪ high complexity ▪ needs profound knowledge in fields of cryptography, operating systems, and hardware design ▪ our goal: practical perspective, approaching the challenges of trusted computing from a software engineer’s point of view ▪ helper library overcoming hurdles of integrating SGX API with code base ▪ case study: porting existing applications to run inside SGX enclaves 4 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  5. Background 5 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  6. Background Software Guard Extensions ▪ implemented entirely CPU hardware ▪ exposed by instruction set extensions ▪ Enclave ▪ encrypted, process-like memory regions ▪ code, stack + heap memory ▪ decrypt memory when loading into CPU cache ▪ protected from being accessed by privileged code ▪ even from code in System Management Mode (SMM) and Direct Memory Access (DMA)

  7. Background Intel SGX Enclaves 7 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  8. Background Intel SGX Enclaves 8 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  9. Background Intel SGX Enclaves ▪ untrusted operating system ▪ scheduling & memory allocation ▪ setting up an enclave ▪ Enclave attestation ▪ each SGX-capable CPU has embedded cryptographic private key ▪ use this key + special group signature schema to attest state of Enclave ▪ remote attestation with “architectural enclaves” 9 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  10. Background Intel SGX Enclaves ▪ code in Enclaves may not execute certain calls ▪ calls that may case a VMEXIT, input/output instructions, calls requiring change of privilege levels ▪ multiple threads ▪ number must be statically defined ▪ maximum enclave size (memory) must be defined before initialization of Enclave 11 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  11. Enclave Development 12 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  12. Enclave Development Software Development Kit ▪ SDK provided by Intel ▪ Windows + Linux ▪ language support: C and C++ ▪ interface definition: Enclave Definition Language (EDL) ▪ trusted library: helper functions ▪ subset of standard C library (e.g. without file input/output) ▪ random number generation, cryptographic primitives, key exchange and data sealing ▪ debug mode: all protection mechanisms disabled ▪ simulation mode: if SGX hardware is absent ▪ complete authoring chain

  13. Enclave Development Enclave Definition Language ▪ trusted section ( E-call , enclave calls) ▪ proxies are generated for the untrusted wrapper ▪ untrusted section ( O-call , outside of enclave calls) ▪ proxies are generated for the enclave ▪ parameter marshalling ▪ direction of data flow ▪ pass-by-value (recommended) & pass-by-reference ▪ annotations (size, sizefunc, count) for pointer arguments 14 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  14. Enclave Development Enclave Definition Language 15 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  15. SGX Helper Library 16 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  16. SGX Helper Library ▪ enable easier and faster prototyping ▪ contains scripts and wrapper functions to make working with the SDK easier: ▪ Generation of O-call Proxies ▪ Error Code Handling ▪ Easy-to-Use Encryption ▪ Transparent Encryption of Input/Output ▪ available for public use: https://github.com/ftes/sgx-lib

  17. SGX Helper Library Generation of O-Call Proxies ▪ O-call proxies – shim inside Enclave to proxy calls to outside world ▪ provide trusted functions with original signature ▪ e.g. for directly linking against the C library implementation ▪ different signatures in EDL for calls with return values ▪ automate process of defining these proxies 18 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  18. SGX Helper Library Generation of O-Call Proxies ▪ SDK proxies deal with parameter handling ▪ untrusted library proxy delegates to the C library 19 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  19. SGX Helper Library Error Code Handling ▪ utility function to check return values ▪ looking up error codes scraped from Intel SDK’s sgx_error.h 20 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  20. SGX Helper Library Easy-to-Use Encryption ▪ some of SDK’s cryptography functions are cumbersome to use ▪ size of encrypted/sealed data not trivial to determine ▪ extensive wrapper for encryption 21 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  21. SGX Helper Library Transparent I/O Encryption ▪ transparent de- & encryption of input/output data – protects data operated on by legacy code without requiring any code modifications ▪ intercepting calls to C library for file input/output ▪ choose desired security level (at compile time) ▪ no security : plain file input/output ▪ encryption with custom key : use of symmetric encryption key ▪ data sealing (default): seals all input/output to the Enclaves identity 22 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  22. Case Study: KISSDB 23 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  23. Case Study: KISSDB ▪ hardening security of existing database management system using SGX ▪ interesting target for trusted computing ▪ stored data may be sensitive, requiring protection from the infrastructure, provider or other tenants ▪ avoid excessively complex code: KISSDB ▪ simple key/value store ▪ implemented in plain C using only file I/O functions ▪ https://github.com/adamierymenko/kissdb ▪ goal: protect data KISSDB operates on

  24. Case Study: KISSDB Design Decisions ▪ Enclave Design ▪ only move application code into enclave ▪ shim C library to utilize external host C library ▪ Scope of Enclaves ▪ no concurrency in KISSDB – one enclave per database ▪ Decomposition ▪ a single enclave used for all trusted functionality ▪ KISSB not sub-divided into trusted & non-trusted function and does not support data processing ▪ Unencrypted Metadata ▪ metadata (header, hash tables) is not protected 25 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  25. Case Study: KISSDB Design Decisions ▪ Iterators ▪ allows to iterating through all values, several iterators per database in parallel ▪ iterator data (page number and offset) stored outside of the Enclave ▪ Encryption vs. Sealing ▪ sealing: encryption with key derived from Enclaves identity ▪ (user) encryption: empower user to specify key 26 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  26. Case Study: KISSDB Design Decisions ▪ hardened KISSSB architecture: 27 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  27. Case Study: KISSDB Unresolved Issues ▪ attestation & key-provisioning ▪ attest enclave’s identity and perform key exchange in a production setting ▪ file integrity & freshness ▪ use of cryptographic mechanisms to ensure file integrity (e.g. monotonic counters provided by SDK) ▪ cryptographic hash function ▪ KISSDB does not use cryptographic hash function ▪ file layout ▪ deterministic file layout (known plain text attacks) 29 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  28. Related Work 30 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  29. Enclave Design Alternatives ▪ library operating system inside enclave ▪ minimal enclave size with external C library ▪ untrusted system calls with internal C library

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Performant Security Hardening Steve Rutherford (srutherford@google.com) Googles

Performant Security Hardening Steve Rutherford (srutherford@google.com) Googles

Performant Security Hardening Steve Rutherford (srutherford@google.com) Googles Virtualization Security Team 1 Preface This talk is x86 and KVM centric 2 Outline Background Current Hardening Split Irqchip, PIT Prototype Hardening

884 views • 41 slides
Hurricane Hardening Hurricane Hardening Research Research Presentation to the Louisiana Public

Hurricane Hardening Hurricane Hardening Research Research Presentation to the Louisiana Public

Hurricane Hardening Hurricane Hardening Research Research Presentation to the Louisiana Public Service Commission May 4, 2007 Mark A. Jamison, PURC Director Leadership in Infrastructure Policy Leadership in Infrastructure Policy

487 views • 45 slides
Single Event Upset Hardening Single Event Upset Hardening by 'hijacking' the multi-VT by

Single Event Upset Hardening Single Event Upset Hardening by 'hijacking' the multi-VT by

Single Event Upset Hardening Single Event Upset Hardening by 'hijacking' the multi-VT by 'hijacking' the multi-VT flow during synthesis flow during synthesis Roland Weigand February 04, 2013 Design Automation Conference User Track European

394 views • 17 slides
Hardening Windows Applications Hardening Windows Applications olleB olle@toolcrypt.org The

Hardening Windows Applications Hardening Windows Applications olleB olle@toolcrypt.org The

www.toolcrypt.org Standing on the shoulders of the Blue Monster: Hardening Windows Applications Hardening Windows Applications olleB olle@toolcrypt.org The Toolcrypt Group www.toolcrypt.org www.toolcrypt.org Agenda Agenda Introduction

532 views • 32 slides
Anil Kurmus kur@zurich.ibm.com IBM Research - Zurich Outline 1. Background Hardening Kernel

Anil Kurmus kur@zurich.ibm.com IBM Research - Zurich Outline 1. Background Hardening Kernel

September 2016 BalCCon 2k16 Kernel Exploitation and Hardening Why we could have nice things! (using Split Kernel) Anil Kurmus kur@zurich.ibm.com IBM Research - Zurich Outline 1. Background Hardening Kernel Vulnerabilities Kernel

1.07k views • 39 slides
Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2 Michael Boelen

Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2 Michael Boelen

Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2 Michael Boelen 3 Linux security Areas Core Resources Services Environment System Hardening Boot Process Accounting Database Forensics Containers

821 views • 34 slides
Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot gray inc. @dotgray Sunday, March 15, 15 Resources Codex.WordPress.org / Hardening_WordPress Blog.Sucuri.net / WordPress Security WPSecure.net /

608 views • 32 slides
Hardening the Firefox browser Preventing unwanted background traffic to Google, Pocket and hidden

Hardening the Firefox browser Preventing unwanted background traffic to Google, Pocket and hidden

Hardening the Firefox browser Preventing unwanted background traffic to Google, Pocket and hidden telemetry to Mozilla Per Foyer per@foyer.se 10 10 Cryptoparty 201911-R1 Hardening Firefox: Method To harden Firefox we need to: 1. Adjust

470 views • 14 slides
Vacuum: 12GeV Hardening Anthony DiPette Installation / Vacuum Group Leader 7/16/2015 Vacuum:

Vacuum: 12GeV Hardening Anthony DiPette Installation / Vacuum Group Leader 7/16/2015 Vacuum:

Vacuum: 12GeV Hardening Anthony DiPette Installation / Vacuum Group Leader 7/16/2015 Vacuum: 12GeV Hardening Vacuum Improvements & Status Synchrotron Radiation Effects Vacuum Spares Page 2 Vac Improvements - Linac Viewer

309 views • 13 slides
Hardening PHP - Some basic security measures. Antonio Bonifati

Hardening PHP - Some basic security measures. Antonio Bonifati

Hardening PHP - Some basic security measures. Antonio Bonifati <http://ninuzzo.freehostia.com> ABSTRACT A summary of the most important PHP settings aimed at improving security of PHP web servers. Whenever you have to harden a PHP

615 views • 5 slides
Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos

Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos

Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos University of Cyprus 1 How authentication works today? 2 How web services protect passwords? Cryptographically secure hash functions One way

538 views • 22 slides
A brief presentation of ASELT In Process Control . The HBU induction heating for hardening needs

A brief presentation of ASELT In Process Control . The HBU induction heating for hardening needs

ASELT srl Montebello Vicentino (VI) A brief presentation of ASELT In Process Control . The HBU induction heating for hardening needs to be monitored very strictly in order to reach a product in conformance. The ASELT IPC is a new generation

450 views • 9 slides
A totally new approach to measuring the degree of hardening of UV cured resins AcroEdge Co., Ltd

A totally new approach to measuring the degree of hardening of UV cured resins AcroEdge Co., Ltd

A totally new approach to measuring the degree of hardening of UV cured resins AcroEdge Co., Ltd C.E.O. Kenichi Nakamune Non-contact Non-destructive Even when samples are inserted in glass or film, such as film bonding with UV curing resin,

188 views • 7 slides
Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary

Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary

Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary services is called hardening a router to prevent attacks or exploits. The basic steps of router hardening are: 1) Administratively shut down

102 views • 8 slides
Hardening your systems against litigation Alexander Muentz, Esq LISA '07 Overview Why

Hardening your systems against litigation Alexander Muentz, Esq LISA '07 Overview Why

Hardening your systems against litigation Alexander Muentz, Esq LISA '07 Overview Why litigation should be considered an IT risk Overview of litigation How you can help or hurt Some examples What works and doesn't work Your logo here 2

706 views • 22 slides
Securing your in-ear fitness coach: Challenges in hardening next generation wearables Kavya

Securing your in-ear fitness coach: Challenges in hardening next generation wearables Kavya

Securing your in-ear fitness coach: Challenges in hardening next generation wearables Kavya Racharla Sumanth Naropanth Who are we? Kavya Racharla Security Research Manager Sports Group, Intel Oracle & Qualcomm

826 views • 48 slides
Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1 Fengwei Zhang 1 Weisong Shi 1 Larry Shi 2 1 Wayne State University 2 University of Houston November 21, 2019 1 Overview of The Talk Motivation

575 views • 24 slides
Canadian Society of Internal Medicine Annual Meeting 2018 Banff, AB MEDICAL ASSISTANCE IN DYING

Canadian Society of Internal Medicine Annual Meeting 2018 Banff, AB MEDICAL ASSISTANCE IN DYING

Canadian Society of Internal Medicine Annual Meeting 2018 Banff, AB MEDICAL ASSISTANCE IN DYING (MAID) Dr. Kim Wiebe WRHA & CAMAP CSIM Annual Meeting 2018 The following presentation represents the views of the speaker at the time of the

397 views • 28 slides
E Actors: an actor-based programming framework for Intel SGX Dr.-Eng. V. A. Sartakov 01.02.2x20

E Actors: an actor-based programming framework for Intel SGX Dr.-Eng. V. A. Sartakov 01.02.2x20

E Actors: an actor-based programming framework for Intel SGX Dr.-Eng. V. A. Sartakov 01.02.2x20 Imperial College London Plan Why do we need another framework? The framework Fundamentals Messaging System Components Benchmark Examples

527 views • 38 slides
EndBox: Scalable M iddlebox Functions Using Client-Side Trusted Execution Image CC-BY-SA

EndBox: Scalable M iddlebox Functions Using Client-Side Trusted Execution Image CC-BY-SA

Institute of Operating Systems and Computer Networks EndBox: Scalable M iddlebox Functions Using Client-Side Trusted Execution Image CC-BY-SA Victorgrigas David Goltzsche, 1 Signe Rsch, 1 Manuel Nieke, 1 Sbastien Vaucher, 2 Nico Weichbrodt, 1

630 views • 46 slides
Disclaimer Jim is employed by Diversey. His expenses to attend this meeting (travel,

Disclaimer Jim is employed by Diversey. His expenses to attend this meeting (travel,

2019-11-19 Bending The Rules Without Breaking the Principles Jim Gauthier, MLT, CIC Senior Clinical Advisor, Infection Prevention Disclaimer Jim is employed by Diversey. His expenses to attend this meeting (travel, accommodation, and

667 views • 31 slides
Ausgew ahlte Kapitel der Systemsoftware Skalierbare und energiebewusste Datenzentren Tobias

Ausgew ahlte Kapitel der Systemsoftware Skalierbare und energiebewusste Datenzentren Tobias

Ausgew ahlte Kapitel der Systemsoftware Skalierbare und energiebewusste Datenzentren Tobias Distler, Benedict Herzog, Michael Eischer Lehrstuhl f ur Informatik 4 Verteilte Systeme und Betriebssysteme Friedrich-Alexander-Universit at

155 views • 13 slides
29/07/2012 School of Biotechnology and Food Technology - Hanoi University of Science and

29/07/2012 School of Biotechnology and Food Technology - Hanoi University of Science and

29/07/2012 School of Biotechnology and Food Technology - Hanoi University of Science and Technology HANOI UNIVERSITY OF SCIENCE AND TECHNOLOGY School of Biotechnology and Food Technology - Hanoi University of Science and Technology

56 views • 5 slides
IB 1A5 (=E1R86), 1L1 (=E1R05) , IIB E2R40 , 2011 L6 URL

IB 1A5 (=E1R86), 1L1 (=E1R05) , IIB E2R40 , 2011 L6 URL

IB 1A5 (=E1R86), 1L1 (=E1R05) , IIB E2R40 , 2011 L6 URL : http://clsl.hi.h.kyoto-u.ac.jp/~kkuroda/lectures/11B-KU/KU-2011B-L06-slides.pdf ( ) substituting for

682 views • 44 slides

More recommend