the program counter security model automatic detection
play

The Program Counter Security Model: Automatic Detection and Removal - PowerPoint PPT Presentation

Jan 04, 2023 •304 likes •423 views

The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks David Molnar , Matt Piotrowski, David Schultz, and David Wagner UC-Berkeley and MIT Regular Cryptographic Attacks Key k Idealized

  1. The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks David Molnar , Matt Piotrowski, David Schultz, and David Wagner UC-Berkeley and MIT

  2. Regular Cryptographic Attacks Key k Idealized “box” computing cryptographic function f Input x f Output f(k,x)

  3. Side Channel Attacks Key k Real-world program P implementing function f Input x P Output f(k,x)

  4. Side Channel Attacks Key k Real-world program P implementing function f Input x P Output f(k,x) Side Information S

  5. Side Channel Attacks Key k Real-world program P implementing function f Input x P Output f(k,x) Side Information S Control-Flow Side Channel : S depends on control flow of P

  6. What We Do • Define “control-flow side information” • Detect potential control-flow attacks • Transform C code to remove attacks • Check compiled C code free of attacks

  7. Define Program Counter Model • Adversary sees transcript of all values of program counter (PC) in run of P (k,x) • States “contract” with hardware – Only PC transcript leaked on run of program – Could be none of today’s HW meets contract • Define security with simulation argument – Program is PC-secure if exists simulator that can “fake” PC transcripts without secret key k – Informally, adversary “learns nothing”

  8. Detect potential attacks • Use gcov to see code coverage for P (k,x) • Run P with many different keys k , same x • Different code coverage  potential attack • Example: PGP implementation of IDEA p = a * b; Over fixed x , 10,000 different keys k if (p) { b = low16(p); a = p >> 16; mean std mean max return (b – a) + (b < a); 27 0.03 26 27 } else if (a) { return 1 – a; 7 0.02 7 8 } else { return 1 – b; 0 0.02 0 1 } }

  9. Transform • C-to-C source transform If (n % 2) { m = -(n % 2); r = r * b; r = (m & (r * b)) | (~m & r); n = n – 1; n = (m & (n-1)) | (~m & n); } else { m = ~m; b = b * b; b = (m & (b * b)) | (~m & b); n = n/2; n = (m & (n/2)) | (~m & n); } • Transformed code provably PC-secure – For subset of C including most crypto code • ~5x slowdown, ~2x stack space

  10. Check • Will C compiler preserve PC-security? • We built static checker for x86 assembly • Check information flow between key, PC • Caught unsafe compilation of “!” by gcc – Even with –O0 flag • Found Intel compiler output PC-secure assembly even with optimizations

  11. Recap: 1) Formal security model for control-flow side channels 2) Automatic detection of potential control-flow attacks 3) C-to-C transform to remove attacks 4) Static x86 assembly checker verifies compiled code 5) Result: remove large class of side channel attacks (not all) Questions? dmolnar@eecs.berkeley.edu www.cs.berkeley.edu/~dmolnar/pcmodel-wip.ppt

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

TOTAL AIRSPACE SECURITY DroneTracker is the complete drone detection and counter-drone platform

TOTAL AIRSPACE SECURITY DroneTracker is the complete drone detection and counter-drone platform

TOTAL AIRSPACE SECURITY DroneTracker is the complete drone detection and counter-drone platform for all applications. www.dedrone.com www.dedrone.com 1 Be Prepared for Aerial Threats Incidents +++ Man Jailed for Using Drone to Fly

337 views • 12 slides
Online advertisement blocker detection: A look at the state of the art for counter-detection and

Online advertisement blocker detection: A look at the state of the art for counter-detection and

Context State of the art Motivation and objectives Proposal Implementation Results and conclusions Demonstration Online advertisement blocker detection: A look at the state of the art for counter-detection and a proof-of-concept for new

472 views • 26 slides
Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

German Research Center for Artificial Intelligence GmbH Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party www.amiproject.org Conversations Conversations Feast, 30th September 2009 , 30th September

322 views • 28 slides
Automatic Defect Detection Andrzej Wasylkowski Overview Automatic Defect Detection

Automatic Defect Detection Andrzej Wasylkowski Overview Automatic Defect Detection

Automatic Defect Detection Andrzej Wasylkowski Overview Automatic Defect Detection Horizontal Techniques Specification-checking Techniques Mining-based Techniques Mining Repositories Mining Traces Mining Source Code Mining

683 views • 44 slides
Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter

Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter

Intrusion Detection Systems CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 11 Page 1 CS 236 Online Outline Introduction Characteristics of intrusion detection systems Some sample intrusion detection

143 views • 12 slides
EE 109 Unit 15 Subroutines Program Counter and GPRs (especially $sp, $ra, and $fp) REVIEW OF

EE 109 Unit 15 Subroutines Program Counter and GPRs (especially $sp, $ra, and $fp) REVIEW OF

1 2 EE 109 Unit 15 Subroutines Program Counter and GPRs (especially $sp, $ra, and $fp) REVIEW OF RELEVANT CONCEPTS Stacks 3 4 Review of Program Counter GPR's Used for Subroutine Support Assembler Name Reg. Number Description PC is

70 views • 6 slides
Automatic verification of counter systems via domain-specific multi-result supercompilation

Automatic verification of counter systems via domain-specific multi-result supercompilation

Automatic verification of counter systems via domain-specific multi-result supercompilation Andrei V. Klimov Ilya G. Klyuchnikov Sergei A. Romanenko Keldysh Institute of Applied Mathematics Russian Academy of Sciences 2012-07 / Meta 2012

843 views • 40 slides
Computer Security Foundations What is Security? Attacker Assets Threat Counter- measure

Computer Security Foundations What is Security? Attacker Assets Threat Counter- measure

IN3210 Network Security Computer Security Foundations What is Security? Attacker Assets Threat Counter- measure Computer Security Security of computers and networks Protection of digital assets Axioms of Computer Security:

240 views • 23 slides
Automatic Key Detection Computer Music Seminar Leon Wittwer June 28, 2017 Table of Contents

Automatic Key Detection Computer Music Seminar Leon Wittwer June 28, 2017 Table of Contents

Automatic Key Detection Computer Music Seminar Leon Wittwer June 28, 2017 Table of Contents Introduction Theory of Tonality and Key Key Detection Symbolic key detection Audio Key Detection Approach in Thesis Music Playing Conclusion 1

380 views • 36 slides
Decidable Problems for Counter Systems Day 5 Model-Checking Counter Systems St ephane Demri

Decidable Problems for Counter Systems Day 5 Model-Checking Counter Systems St ephane Demri

Decidable Problems for Counter Systems Day 5 Model-Checking Counter Systems St ephane Demri demri@lsv.ens-cachan.fr LSV, ENS Cachan, CNRS, INRIA ESSLLI 2010, Copenhagen, August 2010 Plan of the talk Previous lectures: CS,

823 views • 59 slides
FORCES TO COUNTER AN INCIDENT OF NUCLEAR SECURITY Cesar Romao System for the Protection of the

FORCES TO COUNTER AN INCIDENT OF NUCLEAR SECURITY Cesar Romao System for the Protection of the

PREPAREDNESS, READINESS AND INTEROPERABILITY OF CONTINGENCY FORCES TO COUNTER AN INCIDENT OF NUCLEAR SECURITY Cesar Romao System for the Protection of the Brazilian Nuclear Program Physical Protection System Process Amendment to the CPPNM

841 views • 14 slides
Timing Behavior Anomaly Detection for Automatic Failure Detection and Diagnosis Research visit at

Timing Behavior Anomaly Detection for Automatic Failure Detection and Diagnosis Research visit at

Timing Behavior Anomaly Detection for Automatic Failure Detection and Diagnosis Research visit at Charles Univerity Prague Matthias Rohr matthias.rohr@informatik.uni-oldenburg.de Graduate School TrustSoft, Software Engineering Group Department

969 views • 82 slides
Review: Program Execution Registers program counter, stack pointer, . . . Memory

Review: Program Execution Registers program counter, stack pointer, . . . Memory

Threads and Concurrency 1 Review: Program Execution Registers program counter, stack pointer, . . . Memory program code program data program stack containing procedure activation records CPU fetches and executes

699 views • 24 slides
Stack 2 Program Counter and GPRs (especially $sp, $ra, and $fp) REVIEW OF RELEVANT CONCEPTS 3

Stack 2 Program Counter and GPRs (especially $sp, $ra, and $fp) REVIEW OF RELEVANT CONCEPTS 3

1 EE 109 Unit 11 Subroutines and Stack 2 Program Counter and GPRs (especially $sp, $ra, and $fp) REVIEW OF RELEVANT CONCEPTS 3 Review of Program Counter PC is used to fetch an instruction PC contains the address of the next

693 views • 35 slides
Sidan 1 The Register File Zero ext . Branch 32 word (32 bit) registers. logic 0 A ALU

Sidan 1 The Register File Zero ext . Branch 32 word (32 bit) registers. logic 0 A ALU

Basic Building Blocks The Program Counter There is a special register inside the processor. Multiplexer Adder Demultiplexer Big enough to hold an instruction address (32 bits). Called the program counter (PC). + Computer

607 views • 5 slides
U.S. Counter-Piracy Program Policies and Regulations for US Commercial Fleet 1 US Government

U.S. Counter-Piracy Program Policies and Regulations for US Commercial Fleet 1 US Government

U.S. Counter-Piracy Program Policies and Regulations for US Commercial Fleet 1 US Government Interagency Counter-Piracy Action Plan CP Steering Group - Chaired by DOD/DOS and members from DHS (USCG), DOT (MARAD), and DOJ U.S. National

112 views • 8 slides
Use of Markov Chains to Design an Agent Bidding Strategy for Continuous Double Auctions Sunju

Use of Markov Chains to Design an Agent Bidding Strategy for Continuous Double Auctions Sunju

Use of Markov Chains to Design an Agent Bidding Strategy for Continuous Double Auctions Sunju Park Management Science and Information Systems Department Rutgers Business School, Rutgers University Edmund H. Durfee Artificial Intelligence

841 views • 24 slides
Speaking notes for Safety Culture Assessment: What are we trying to Achieve? Slide 16

Speaking notes for Safety Culture Assessment: What are we trying to Achieve? Slide 16

APPEA National oil and gas safety conference 7 August 2013 Speaking notes for National Program: Safety culture improvement initiatives in the offshore petroleum industry Joelle Mitchell Technical Officer Human Factors Slide 4 Why safety

201 views • 4 slides
AfgREN Connectivity and Training Report Introduction Afghanistan Research and Educational

AfgREN Connectivity and Training Report Introduction Afghanistan Research and Educational

AfgREN Connectivity and Training Report Introduction Afghanistan Research and Educational Network (AfgREN) More than 30 public universities connected to the Internet, trough fiber optic and microwave media. ISPs: Afghan Telecom and

1.84k views • 12 slides
SCARSDALE PUBLIC SCHOOLS 2017 Bond Project Planning October 19, 2017 2017 Bond Project Planning

SCARSDALE PUBLIC SCHOOLS 2017 Bond Project Planning October 19, 2017 2017 Bond Project Planning

SCARSDALE PUBLIC SCHOOLS 2017 Bond Project Planning October 19, 2017 2017 Bond Project Planning Update Introductions D istrict Drew Patrick - Assistant Superintendent for HR and Leadership Development Eric Rauschenbach Director of Special

582 views • 13 slides
CO CORB RBIN IN BLO BLOCK CK DA DARIEN, CONNECTICUT RIEN, CONNECTICUT Town of Darien

CO CORB RBIN IN BLO BLOCK CK DA DARIEN, CONNECTICUT RIEN, CONNECTICUT Town of Darien

CO CORB RBIN IN BLO BLOCK CK DA DARIEN, CONNECTICUT RIEN, CONNECTICUT Town of Darien Environmental Protection Commission Prepared by: Baywater Properties Corbin Block Development Darien, Connecticut CORB CO RBIN IN BLO BLOCK CK

534 views • 19 slides
JPSS: SBN (AWIPS Products) Brian Gockel Acting NWS Ground Readiness Project Manager NOAA/NWS

JPSS: SBN (AWIPS Products) Brian Gockel Acting NWS Ground Readiness Project Manager NOAA/NWS

JPSS: SBN (AWIPS Products) Brian Gockel Acting NWS Ground Readiness Project Manager NOAA/NWS Office of Observations April 29, 2015 JPSS: SBN (AWIPS Products) - Topics S-NPP/JPSS Product Flow to AWIPS NOAAPort SBN S-NPP/JPSS Products

387 views • 11 slides
Aspects on the Flow-Level Performance of Wireless Fading Channels Amr Rizk in parts joint work

Aspects on the Flow-Level Performance of Wireless Fading Channels Amr Rizk in parts joint work

10 00 11 01 Aspects on the Flow-Level Performance of Wireless Fading Channels Amr Rizk in parts joint work with K. Mahmood, Y. Jiang, N. Becker and M. Fidler Institute of Communications Technology Leibniz Universitt Hannover, Germany

568 views • 21 slides
BCNU/MOH/HEABC, AND IMPLEMENTATION PLAN 2015 Presented at leadership conference 2015 Gayle

BCNU/MOH/HEABC, AND IMPLEMENTATION PLAN 2015 Presented at leadership conference 2015 Gayle

REPLACEMENT GRIEVANCE SETTLEMENT AGREEMENT BETWEEN BCNU/MOH/HEABC, AND IMPLEMENTATION PLAN 2015 Presented at leadership conference 2015 Gayle Duteil, BCNU President May 13, 2015 INTRODUCTION AND BACKGROUND 2 BACKGROUND As a result of

750 views • 50 slides

More recommend