leaky processors and the rise of hardware based trusted
play

Leaky Processors and the RISE of Hardware-Based Trusted Computing Jo - PowerPoint PPT Presentation

Nov 30, 2022 •161 likes •952 views

Leaky Processors and the RISE of Hardware-Based Trusted Computing Jo Van Bulck imec-DistriNet, KU Leuven jo.vanbulck@cs.kuleuven.be jovanbulck 1st RISE Annual Conference, November 14, 2018 A primer on software security Secure program:

  1. Leaky Processors and the RISE of Hardware-Based Trusted Computing Jo Van Bulck ↸ imec-DistriNet, KU Leuven � jo.vanbulck@cs.kuleuven.be � jovanbulck 1st RISE Annual Conference, November 14, 2018

  2. A primer on software security Secure program: convert all input to expected output INPUT OUTPUT 1 / 21

  3. A primer on software security Buffer overflow vulnerabilities: trigger unexpected behavior INPUT OUTPUT 1 / 21

  4. A primer on software security Safe languages & formal verification: preserve expected behavior INPUT OUTPUT 1 / 21

  5. A primer on software security Side-channels: observe side-effects of the computation INPUT OUTPUT 1 / 21

  6. A primer on software security Constant-time code: eliminate secret-dependent side-effects INPUT OUTPUT 1 / 21

  7. A primer on software security Transient execution: HW optimizations do not respect SW abstractions (!) INPUT OUTPUT 1 / 21

  9. Evolution of “side-channel attack” occurrences in Google Scholar 4000 3000 2000 DO WE JUST SUCK AT... COMPUTERS? YUP. ESPECIALLY SHARED ONES. 1000 1990 1994 1998 2002 2006 2010 2014 2018 Based on github.com/Pold87/academic-keyword-occurrence and xkcd.com/1938/ 2 / 21

  10. Evolution of “side-channel attack” occurrences in Google Scholar 4000 3000 2000 DO WE JUST SUCK AT... COMPUTERS? YUP. ESPECIALLY SHARED ONES. 1000 1990 1994 1998 2002 2006 2010 2014 2018 Based on github.com/Pold87/academic-keyword-occurrence and xkcd.com/1938/ 2 / 21

  11. The bigger picture: The RISE of hardware-based trusted computing 25000 "trusted computing" evolution 15000 "side-channel attack" evolution 5000 1990 1994 1998 2002 2006 2010 2014 2018 Based on github.com/Pold87/academic-keyword-occurrence 3 / 21

  12. The bigger picture: The RISE of hardware-based trusted computing Intel SGX 25000 CHERI TrustLite Sancus "trusted computing" evolution TPM 15000 Flicker ARM TrustZone "side-channel attack" evolution 5000 1990 1994 1998 2002 2006 2010 2014 2018 Based on github.com/Pold87/academic-keyword-occurrence 3 / 21

  13. The bigger picture: The RISE of hardware-based trusted computing Intel SGX 25000 CHERI TrustLite Sancus "trusted computing" evolution TPM 15000 Flicker ARM TrustZone "side-channel attack" evolution 5000 1990 1994 1998 2002 2006 2010 2014 2018 Based on github.com/Pold87/academic-keyword-occurrence 3 / 21

  15. Enclaved execution attack surface: TCB reduction https://informationisbeautiful.net/visualizations/million-lines-of-code/ 4 / 21

  16. Enclaved execution attack surface: TCB reduction App App Enclave app OS kernel Hypervisor TPM CPU Mem HDD Intel SGX promise: hardware-level isolation and attestation 4 / 21

  17. Enclaved execution attack surface: Privileged side-channel attacks App App Enclave app OS kernel Hypervisor TPM CPU Mem HDD Untrusted OS → new class of powerful side-channels 4 / 21

  18. Enclaved execution attack surface: Privileged side-channel attacks App App Enclave app OS kernel Hypervisor TPM CPU Mem HDD Untrusted OS → new class of powerful side-channels Xu et al. “Controlled-channel attacks: Deterministic side-channels for untrusted operating systems”, IEEE S&P 2015 [XCP15] 4 / 21

  19. Enclaved execution attack surface: Privileged side-channel attacks App App Enclave app OS kernel 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 IRQ latency Hypervisor Instruction (interrupt number) TPM CPU Mem HDD Untrusted OS → new class of powerful side-channels Van Bulck et al. “Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic”, CCS 2018 [VBPS18] 4 / 21

  20. Enclaved execution attack surface: Transient execution attacks App App Enclave app OS kernel Hypervisor TPM CPU Mem HDD Trusted CPU → exploit microarchitectural bugs/design flaws Van Bulck et al. “Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution”, USENIX 2018 [VBMW + 18] 4 / 21

  22. Out-of-order and speculative execution Key discrepancy: Programmers write sequential instructions 5 / 21

  23. Out-of-order and speculative execution Key discrepancy: Programmers write sequential instructions Modern CPUs are inherently parallel ⇒ Speculatively execute instructions ahead of time 5 / 21

  24. Out-of-order and speculative execution Key discrepancy: Programmers write sequential instructions Modern CPUs are inherently parallel Over fl ow ⇒ Speculatively execute instructions ahead of time Roll-back exception Best-effort: What if triangle fails? → Commit in-order, roll-back square . . . But side-channels may leave traces (!) 5 / 21

  26. Transient execution attacks: Welcome to the world of fun! CPU executes ahead of time in transient world Success → commit results to normal world � Fail → discard results, compute again in normal world � 6 / 21

  27. Transient execution attacks: Welcome to the world of fun! CPU executes ahead of time in transient world Success → commit results to normal world � Fail → discard results, compute again in normal world � Transient world (microarchitecture) may temp bypass architectural software intentions: Control flow prediction Delayed exception handling 6 / 21

  28. Transient execution attacks: Welcome to the world of fun! Key finding of 2018 ⇒ Transmit secrets from transient to normal world Transient world (microarchitecture) may temp bypass architectural software intentions: Control flow prediction Delayed exception handling 6 / 21

  29. Transient execution attacks: Welcome to the world of fun! Key finding of 2018 ⇒ Transmit secrets from transient to normal world Transient world (microarchitecture) may temp bypass architectural software intentions: Speculative buffer overflow/ROP CPU access control bypass 6 / 21

  31. Meltdown: Transiently encoding unauthorized memory Unauthorized access 7 / 21

  32. Meltdown: Transiently encoding unauthorized memory Unauthorized access Transient out-of-order window oracle array secret idx 7 / 21

  33. Meltdown: Transiently encoding unauthorized memory Unauthorized access Transient out-of-order window Exception (discard architectural state) 7 / 21

  34. Meltdown: Transiently encoding unauthorized memory Unauthorized access Transient out-of-order window Exception handler oracle array cache hit 7 / 21

  35. Mitigating Meltdown: Unmap kernel addresses from user space OS software fix for faulty hardware ( ↔ future CPUs) 8 / 21

  36. Mitigating Meltdown: Unmap kernel addresses from user space OS software fix for faulty hardware ( ↔ future CPUs) Unmap kernel from user virtual address space → Unauthorized physical addresses out-of-reach (˜cookie jar) user unmapped context switch user switch address space kernel context switch SMAP+SMEP kernel Gruss et al. “KASLR is dead: Long live KASLR”, ESSoS 2017 [GLS + 17] 8 / 21

  38. Rumors: Meltdown immunity for SGX enclaves? “[enclaves] remain protected and completely secure” — International Business Times, February 2018 “[enclave memory accesses] redirected to an abort page, which has no value” — Anjuna Security, Inc., March 2018 9 / 21

  39. Rumors: Meltdown immunity for SGX enclaves? https://wired.com and https://arstechnica.com 9 / 21

  40. Building Foreshadow 10 / 21

  41. Building Foreshadow L1 terminal fault challenges Foreshadow can read unmapped physical addresses from the cache (!) 10 / 21

  42. Challenge: Reading unmapped secrets with Foreshadow Untrusted world view Intra-enclave view Enclaved memory reads 0xFF Access enclaved + unprotected memory 11 / 21

  43. Challenge: Reading unmapped secrets with Foreshadow Untrusted world view Intra-enclave view Enclaved memory reads 0xFF Access enclaved + unprotected memory SGXpectre in-enclave code abuse 11 / 21

  44. Challenge: Reading unmapped secrets with Foreshadow Untrusted world view Intra-enclave view Enclaved memory reads 0xFF Access enclaved + unprotected memory Meltdown “bounces back” ( ∼ mirror) SGXpectre in-enclave code abuse 11 / 21

  45. Building Foreshadow: Evade SGX abort page semantics Note: SGX MMU sanitizes untrusted address translation SGX? Abort page semantics: An attempt to read from a non-existent or disallowed resource returns all ones for data (abort page). An attempt to write to a non-existent or disallowed physical resource is dropped. This behavior is unrelated to exception type abort (the others being Fault and Trap). https://software.intel.com/en-us/sgx-sdk-dev-reference-enclave-development-basics 12 / 21

  46. Building Foreshadow: Evade SGX abort page semantics Straw man: (Transient) accesses in non-enclave mode are dropped SGX? Abort page semantics: An attempt to read from a non-existent or disallowed resource returns all ones for data (abort page). An attempt to write to a non-existent or disallowed physical resource is dropped. This behavior is unrelated to exception type abort (the others being Fault and Trap). https://software.intel.com/en-us/sgx-sdk-dev-reference-enclave-development-basics 12 / 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Formal Abstractions for Attested Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr Trusted hardware: Different communities, different world views 2 Trusted hardware: Different communities,

929 views • 72 slides
Leaky Processors: Stealing Your Secrets with Foreshadow Jo Van Bulck imec-DistriNet, KU Leuven

Leaky Processors: Stealing Your Secrets with Foreshadow Jo Van Bulck imec-DistriNet, KU Leuven

Leaky Processors: Stealing Your Secrets with Foreshadow Jo Van Bulck imec-DistriNet, KU Leuven jo.vanbulck@cs.kuleuven.be jovanbulck OWASP BeNeLux-Days, November 30, 2018 A primer on software security Secure program: convert all input

1.27k views • 77 slides
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklins 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have trusted hardware?

315 views • 27 slides
Lecturer: Francesco Quaglia Hardware insights Pipelining and superscalar processors

Lecturer: Francesco Quaglia Hardware insights Pipelining and superscalar processors

Advanced Operating Systems MS degree in Computer Engineering University of Rome Tor Vergata Lecturer: Francesco Quaglia Hardware insights Pipelining and superscalar processors Speculative hardware Multi-processors and

1.72k views • 144 slides
Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada, KTH Pointsec Mobile Technologies TPM Introduction Microcontroller affixed to the motherboard. Cryptographic functions like key storage

834 views • 35 slides
TEE Boot Procedure with Crypto-accelerators in RISC-V Processors Authors: Ckristian Duran,

TEE Boot Procedure with Crypto-accelerators in RISC-V Processors Authors: Ckristian Duran,

TEE Boot Procedure with Crypto-accelerators in RISC-V Processors Authors: Ckristian Duran, Trong-Thuc Hoang, Akira Tsukamoto, Kuniyasu Suzaki, and Cong-Kha Pham Outline Motivation Hardware Structure for Trusted Execution Environments

470 views • 33 slides
Contents Contents Mobile Phones Generations Hardware Requirements for Hardware Requirements

Contents Contents Mobile Phones Generations Hardware Requirements for Hardware Requirements

Contents Contents Mobile Phones Generations Hardware Requirements for Hardware Requirements for Common Hardware Backbone Hardware Requirements for Actual Cellular Cellular Processors Cellular Processors Processors The Ideal

745 views • 4 slides
Lecturer: Francesco Quaglia Hardware insights Pipelining and superscalar processors

Lecturer: Francesco Quaglia Hardware insights Pipelining and superscalar processors

Advanced Operating Systems (and System Security) MS degree in Computer Engineering University of Rome Tor Vergata Lecturer: Francesco Quaglia Hardware insights Pipelining and superscalar processors Speculative hardware

1.82k views • 155 slides
Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1 OReilly 2 Trusted or Trustworthy? An object is trusted if and only if it operates as expected An object is trustworthy if and only if it is

707 views • 45 slides
Motivation for Multithreaded Architectures Processors not executing code at their hardware

Motivation for Multithreaded Architectures Processors not executing code at their hardware

Motivation for Multithreaded Architectures Processors not executing code at their hardware potential late 70s: performance lost to memory latency 90s: performance not in line with the increasingly complex parallel hardware as

591 views • 32 slides
SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors Fahad Shaon

SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors Fahad Shaon

UT DALLAS Erik%Jonsson%School%of%Engineering%&%Computer%Science SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors Fahad Shaon Murat Kantarcioglu Zhiqiang Lin Latifur Khan The University of Texas at

865 views • 55 slides
& Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

& Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

Hardware Security Trusted Execution Environments (TEEs) & Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic hardware-backed security solutions smartcard for users HSM (Hardware Security Module) in

774 views • 63 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating scenarios 1. Outsourced ML Data

781 views • 21 slides
TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution

TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution

TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution Environments Gui Andrade Krste Asanovi Dayeol Lee David Kohlbrenner Dawn Song University of California, Berkeley TRUSTED MEMORY? Securing data/code

703 views • 48 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T RAMR & D AN B ONEH ICLR, New Orleans May 7 th 2019 2 Securely outsourcing ML inference with hardware isolation - Intel SGX input X -

554 views • 10 slides
Parallel Streaming Computation on Error-Prone Processors Yavuz Yetim, Margaret Martonosi, Sharad

Parallel Streaming Computation on Error-Prone Processors Yavuz Yetim, Margaret Martonosi, Sharad

Parallel Streaming Computation on Error-Prone Processors Yavuz Yetim, Margaret Martonosi, Sharad Malik Hardware Errors on the Rise Soft Errors Due to Cosmic Rays Random Process Variation [Sierawski et al., 2011] [Khun et al., 2011] 25

500 views • 36 slides
Financial Results 6 August 2020 1H 2020 RESULTS ANNOUCEMENT | AUGUST 2020 1 Important Notice

Financial Results 6 August 2020 1H 2020 RESULTS ANNOUCEMENT | AUGUST 2020 1 Important Notice

1H 2020 Financial Results 6 August 2020 1H 2020 RESULTS ANNOUCEMENT | AUGUST 2020 1 Important Notice This document may contain forward-looking statements that involve assumptions, An investment in Units is subject to investment risks,

379 views • 18 slides
Q3 Investm ent Update October 25, 20 17 Russ Allen, CIO Disclosures Important Disclosures:

Q3 Investm ent Update October 25, 20 17 Russ Allen, CIO Disclosures Important Disclosures:

Q3 Investm ent Update October 25, 20 17 Russ Allen, CIO Disclosures Important Disclosures: This information is for discussion purposes only and is being furnished on October 25, 2017. This information is not to be re-transmitted in whole or

557 views • 44 slides
SMITHS GROUP PLC Annual Results 20 September 2019 2 SMITHS GROUP PLC Annual Results 2019

SMITHS GROUP PLC Annual Results 20 September 2019 2 SMITHS GROUP PLC Annual Results 2019

www.smiths.com SMITHS GROUP PLC Annual Results 20 September 2019 2 SMITHS GROUP PLC Annual Results 2019 DISCLAIMER This presentation contains certain statements that are forward-looking statements. They appear in a number of places

930 views • 44 slides
10701 Semi supervised learning Can Unlabeled Data improve supervised learning? Important

10701 Semi supervised learning Can Unlabeled Data improve supervised learning? Important

10701 Semi supervised learning Can Unlabeled Data improve supervised learning? Important question! In many cases, unlabeled data is plentiful, labeled data expensive Image classification (x=images from the web, y=image type) Text

886 views • 37 slides
Transient Execution Attacks: Lessons from Spectre, Meltdown, and Foreshadow Jo Van Bulck

Transient Execution Attacks: Lessons from Spectre, Meltdown, and Foreshadow Jo Van Bulck

Transient Execution Attacks: Lessons from Spectre, Meltdown, and Foreshadow Jo Van Bulck imec-DistriNet, KU Leuven jo.vanbulck@cs.kuleuven.be jovanbulck ISSE Brussels, November 6, 2018 A primer on software security Secure

897 views • 58 slides
The ideal versus the real: a brief history of secure isolatoo io virtual machioes aod cootaioers

The ideal versus the real: a brief history of secure isolatoo io virtual machioes aod cootaioers

The ideal versus the real: a brief history of secure isolatoo io virtual machioes aod cootaioers Allisoo Raodal University of Cambridge Except where otherwise ooted, liceosed uoder Creatve Commoos Atributoo ShareAlike 4.0 Ioteroatooal. Between

714 views • 35 slides
Foreshadow: speculative attacks on SGX and beyond Mark Silberstein Joint work with Jo Van Bulck,

Foreshadow: speculative attacks on SGX and beyond Mark Silberstein Joint work with Jo Van Bulck,

Foreshadow: speculative attacks on SGX and beyond Mark Silberstein Joint work with Jo Van Bulck, Marina Minkin , Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx March 2019 Mark

1.07k views • 70 slides
Recent Surprises in the Simulation of Quantum Phase T ransitions Lei W ang, ETH Zrich

Recent Surprises in the Simulation of Quantum Phase T ransitions Lei W ang, ETH Zrich

Recent Surprises in the Simulation of Quantum Phase T ransitions Lei W ang, ETH Zrich Cologne 2015.04 Quantum Phase T ransitions H ( ) = H 0 + H 1 Quantum Temperature Where is the QCP ? Critical What are the phases ?

986 views • 44 slides

More recommend