transient side channels
play

Transient Side Channels Mengjia Yan Fall 2020 Based on slides from - PowerPoint PPT Presentation

Sep 08, 2022 •661 likes •1.46k views

Transient Side Channels Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher Reminder 1 st paper review due midnight on 09/27 (before the next lecture) You will receive an invitation from HotCRP

  1. Transient Side Channels Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher

  2. Reminder • 1 st paper review due midnight on 09/27 (before the next lecture) • You will receive an invitation from HotCRP • https://mit-6888-fa20.hotcrp.com/ 6.888 L6-Transient Side Channels 2

  3. Micro-architecture Side Channels secret-dependent execution A Channel (a micro-architecture structure) Victim Attacker Kiriansky et al. DAWG: a defense against cache timing attacks in speculative execution processors. MICRO’18 6.888 L6-Transient Side Channels 3

  4. Micro-architecture Side Channels secret-dependent execution A Channel (a micro-architecture structure) Victim Attacker X {Cache, DRAM, TLB, NoC, etc.} {Transient, Non-transient} Kiriansky et al. DAWG: a defense against cache timing attacks in speculative execution processors. MICRO’18 6.888 L6-Transient Side Channels 3

  5. Recap: 5-stage Pipeline 0x4 Add we rs1 rs2 rd1 we PC addr ws IR addr rdata ALU wdrd2 rdata GPRs Data Inst. Memory Memory Imm wdata Ext Write-Back Execute Memory Decode, Reg. Fetch I-Fetch (WB) (EX) (MA) (ID) (IF) 6.888 L6-Transient Side Channels 4

  6. 5-stage Pipeline 0x4 Add we rs1 rs2 rd1 we addr PC ws IR addr rdata ALU wdrd2 rdata GPRs Data Inst. Memory Imm Memory wdata Ext I-Fetch Write-Back Decode, Reg. Fetch Execute Memory (IF) (WB) (EX) (ID) (MA) time t0 t1 t2 t3 t4 t5 t6 t7 . . . . instruction1 IF 1 ID 1 EX 1 MA 1 WB 1 instruction2 IF 2 ID 2 EX 2 MA 2 WB 2 instruction3 IF 3 ID 3 EX 3 MA 3 WB 3 instruction4 IF 4 ID 4 EX 4 MA 4 WB 4 instruction5 IF 5 ID 5 EX 5 MA 5 WB 5 6.888 L6-Transient Side Channels 5

  7. 5-stage Pipeline 0x4 Add we rs1 rs2 rd1 we addr PC ws IR addr rdata ALU wdrd2 rdata GPRs Data Inst. Memory Imm Memory wdata Ext I-Fetch Write-Back Decode, Reg. Fetch Execute Memory (IF) (WB) (EX) (ID) (MA) time t0 t1 t2 t3 t4 t5 t6 t7 . . . . instruction1 IF 1 ID 1 EX 1 MA 1 WB 1 instruction2 IF 2 ID 2 EX 2 MA 2 WB 2 instruction3 IF 3 ID 3 EX 3 MA 3 WB 3 instruction4 IF 4 ID 4 EX 4 MA 4 WB 4 instruction5 IF 5 ID 5 EX 5 MA 5 WB 5 6.888 L6-Transient Side Channels 5

  8. 5-stage Pipeline 0x4 Add we rs1 rs2 rd1 we addr PC ws IR addr rdata ALU wdrd2 rdata GPRs Data Inst. Memory Imm Memory wdata Ext I-Fetch Write-Back Decode, Reg. Fetch Execute Memory (IF) (WB) (EX) (ID) (MA) • In-order execution: • Execute instructions according to the program order time t0 t1 t2 t3 t4 t5 t6 t7 . . . . instruction1 IF 1 ID 1 EX 1 MA 1 WB 1 instruction2 IF 2 ID 2 EX 2 MA 2 WB 2 instruction3 IF 3 ID 3 EX 3 MA 3 WB 3 instruction4 IF 4 ID 4 EX 4 MA 4 WB 4 instruction5 IF 5 ID 5 EX 5 MA 5 WB 5 6.888 L6-Transient Side Channels 5

  9. Data Hazard and Control Hazard time t0 t1 t2 t3 t4 t5 t6 t7 . . . . Loop: …… LD(R1, 0, R2) IF 1 ID 1 EX 1 MA 1 WB 1 ADD(R2, 10, R3) IF 2 ID 2 EX 2 MA 2 WB 2 BNE(R3, Loop) IF 3 ID 3 EX 3 MA 3 WB 3 …… 6.888 L6-Transient Side Channels 6

  10. Resolving Hazards • Stall or Bypass time t0 t1 t2 t3 t4 t5 t6 t7 . . . . Loop: …… LD(R1, 1, R2) IF 1 ID 1 EX 1 MA 1 WB 1 ADD(R2, 10, R3) IF 2 ID 2 EX 2 MA 2 WB 2 BNE(R3, Loop) IF 3 ID 3 EX 3 MA 3 WB 3 …… • Speculation (e.g., branch predictor) • Guess a value and continue executing anyway • When actual value is available, two cases • Guessed correctly à do nothing • Guessed incorrectly à restart with correct value (roll back) 6.888 L6-Transient Side Channels 7

  11. Branch Predictor • Predict Taken/Not taken • Not taken: PC+4 • Taken: need to know target address 6.888 L6-Transient Side Channels 8

  12. Branch Predictor • Predict Taken/Not taken • Not taken: PC+4 • Taken: need to know target address • Predict target address • Branch target buffer (BTB) • Map <current PC, target PC> 6.888 L6-Transient Side Channels 8

  13. Branch Predictor • Predict Taken/Not taken • Not taken: PC+4 • Taken: need to know target address • Predict target address • Branch target buffer (BTB) • Map <current PC, target PC> • Use history information to setup the predictor 6.888 L6-Transient Side Channels 8

  14. Complex In-order Pipeline ALU Mem IF ID Issue WB Fadd GPRs FPRs Fmul Fdiv • Need complex bypass/stall/kill paths 6.888 L6-Transient Side Channels 9

  15. Complex In-order Pipeline ALU Mem IF ID Issue WB Fadd GPRs FPRs Fmul Fdiv • Need complex bypass/stall/kill paths • In real systems, EX/MA can take multiple cycles 6.888 L6-Transient Side Channels 9

  16. Out-of-order Execution • When the pipeline is stalled, find something else to do time t0 t1 t2 t3 t4 t5 t6 t7 ALU Mem IF ID Issue WB Fadd GPRs FPRs Fmul Fdiv 6.888 L6-Transient Side Channels 10

  17. Out-of-order Execution • When the pipeline is stalled, find something else to do time t0 t1 t2 t3 t4 t5 t6 t7 ALU Mem IF ID Issue WB LD(R1, 1, R2) IF 1 ID 1 EX 1 MA 1 MA 1 MA 1 MA 1 WB 1 Fadd GPRs ADD( R3 , 10, R4) IF 2 ID 2 EX 2 MA 2 WB 2 FPRs Fmul SUB(R4, 10, R5) IF 3 ID 3 EX 3 MA 3 WB 3 …… Fdiv 6.888 L6-Transient Side Channels 10

  18. Out-of-order Execution • When the pipeline is stalled, find something else to do • When we do out-of-order execution, we are speculating that previous instructions do not cause exception time t0 t1 t2 t3 t4 t5 t6 t7 ALU Mem IF ID Issue WB LD(R1, 1, R2) IF 1 ID 1 EX 1 MA 1 MA 1 MA 1 MA 1 WB 1 Fadd GPRs ADD( R3 , 10, R4) IF 2 ID 2 EX 2 MA 2 WB 2 FPRs Fmul SUB(R4, 10, R5) IF 3 ID 3 EX 3 MA 3 WB 3 …… Fdiv 6.888 L6-Transient Side Channels 10

  19. Out-of-order Execution • When the pipeline is stalled, find something else to do • When we do out-of-order execution, we are speculating that previous instructions do not cause exception • If instruction n is speculative instruction, instruction n+i is also speculative time t0 t1 t2 t3 t4 t5 t6 t7 ALU Mem IF ID Issue WB LD(R1, 1, R2) IF 1 ID 1 EX 1 MA 1 MA 1 MA 1 MA 1 WB 1 Fadd GPRs ADD( R3 , 10, R4) IF 2 ID 2 EX 2 MA 2 WB 2 FPRs Fmul SUB(R4, 10, R5) IF 3 ID 3 EX 3 MA 3 WB 3 …… Fdiv 6.888 L6-Transient Side Channels 10

  20. Speculative & Out-of-Order Execution Update predictors Branch Prediction In-Order Decode & Commit PC Fetch Rename (head of ROB) In-Order 11

  21. Speculative & Out-of-Order Execution Update predictors Branch Prediction In-Order Decode & Commit PC Fetch Rename (head of ROB) In-Order Physical Reg. File Physical Reg. File FALU …… ALU MEM Execute 11

  22. Speculative & Out-of-Order Execution Update predictors Branch Prediction Out-of-Order In-Order Decode & Reorder Buffer Commit PC Fetch Rename (ROB) (head of ROB) In-Order Physical Reg. File Physical Reg. File FALU …… ALU MEM Execute 11

  23. Speculative & Out-of-Order Execution Update predictors Branch Prediction Out-of-Order In-Order Decode & Reorder Buffer Commit PC Fetch Rename (ROB) (head of ROB) In-Order Physical Reg. File Physical Reg. File Dispatch logic: Detect data dependency, FALU …… issue instructions to execute ALU MEM Execute 11

  24. Speculative & Out-of-Order Execution Update predictors Branch Resolution Branch Prediction Out-of-Order In-Order Decode & Reorder Buffer Commit PC Fetch Rename (ROB) (head of ROB) In-Order Physical Reg. File Physical Reg. File Dispatch logic: Detect data dependency, FALU …… issue instructions to execute ALU MEM Execute 11

  25. Speculative & Out-of-Order Execution Update predictors Branch kill Resolution Branch kill kill Prediction kill Out-of-Order In-Order Decode & Reorder Buffer Commit PC Fetch Rename (ROB) (head of ROB) In-Order Physical Reg. File Physical Reg. File Dispatch logic: Detect data dependency, FALU …… issue instructions to execute ALU MEM Execute 11

  26. Terminology A speculative instruction may squash. When executed, can change uArch state • 6.888 L6-Transient Side Channels 12

  27. Terminology A speculative instruction may squash. When executed, can change uArch state • A Transient instruction will squash, i.e., will not commit. A Non-Transient instruction will not squash, i.e., will eventually retire. 6.888 L6-Transient Side Channels 12

  28. Terminology A speculative instruction may squash. When executed, can change uArch state • A Transient instruction will squash, i.e., will not commit. A Non-Transient instruction will not squash, i.e., will eventually retire. That is, transient instructions are unreachable on a non-speculative microarchitecture. 6.888 L6-Transient Side Channels 12

  29. General Attack Schema Attacker Victim Access secret recv() transmit (secret) Channel 6.888 L6-Transient Side Channels 13

  30. General Attack Schema Attacker Victim Access secret recv() transmit (secret) Channel • The difference between transient and non-transient side channels • Whether the secret access or transmitter execution is transient 6.888 L6-Transient Side Channels 13

  31. Meltdown & Spectre

  32. Kernel/User Pages Virtual memory 0x00000000 • In x86, a process’s virtual address space Kernel pages includes kernel pages, but kernel pages are only accessible in kernel mode • For performance purpose • Avoids switching page tables on context switches User pages 6.888 L6-Transient Side Channels 15 0xffffffff

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Non-transient Side Channels Mengjia Yan Fall 2020 6.888 L5-Non-transient Side Channels 1 Lab

Non-transient Side Channels Mengjia Yan Fall 2020 6.888 L5-Non-transient Side Channels 1 Lab

Non-transient Side Channels Mengjia Yan Fall 2020 6.888 L5-Non-transient Side Channels 1 Lab Assignment Handout on course website Each (regular) student will receive an email Solo or 2-person group Individual GitHub repo

1.24k views • 102 slides
Non-transient Side Channels Mengjia Yan Fall 2020 6.888 L5-Non-transient Side Channels 1 Lab

Non-transient Side Channels Mengjia Yan Fall 2020 6.888 L5-Non-transient Side Channels 1 Lab

Non-transient Side Channels Mengjia Yan Fall 2020 6.888 L5-Non-transient Side Channels 1 Lab Assignment Handout on course website Each (regular) student will receive an email Solo or 2-person group Individual GitHub repo

978 views • 42 slides
Outline Side and covert channels Transient execution CSci 5271 Introduction to Computer

Outline Side and covert channels Transient execution CSci 5271 Introduction to Computer

Outline Side and covert channels Transient execution CSci 5271 Introduction to Computer Security Transient execution and kernel isolation: Meltdown Day 11: Side Channels and Transient Execution Stephen McCamant Transient execution and kernel

496 views • 4 slides
Transient Side Channels Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher

Transient Side Channels Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher

Transient Side Channels Mengjia Yan Fall 2020 Based on slides from Christopher W. Fletcher Reminder 1 st paper review due midnight on 09/27 (before the next lecture) You will receive an invitation from HotCRP

561 views • 27 slides
Side Channels and Covert Channels Daniel Bosk Department of Information and Communication Systems

Side Channels and Covert Channels Daniel Bosk Department of Information and Communication Systems

Side Channels Covert Channels References Side Channels and Covert Channels Daniel Bosk Department of Information and Communication Systems (ICS), Mid Sweden University, Sundsvall. 1st May 2017 Daniel Bosk MIUN ICS Side Channels and Covert

689 views • 32 slides
Screaming Ch Channels When Electromagnetic Side Channels Meet Radio Transceivers Giovanni

Screaming Ch Channels When Electromagnetic Side Channels Meet Radio Transceivers Giovanni

Screaming Ch Channels When Electromagnetic Side Channels Meet Radio Transceivers Giovanni Camurati, Sebastian Poeplau, Marius Muench, Tom Hayes, Aurlien Francillon Whats this all about? - A nov novel attack ex exploiting g EM side

886 views • 77 slides
Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that

Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that

Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy US DoD 1985 Basically a

1.04k views • 67 slides
Outline Transient execution covert channels (contd) OS trust and assurance CSci 5271

Outline Transient execution covert channels (contd) OS trust and assurance CSci 5271

Outline Transient execution covert channels (contd) OS trust and assurance CSci 5271 Introduction to Computer Security Announcements intermission Transient Execution, OS Assurance, and Networks Brief introduction to networking Stephen

554 views • 7 slides
Palomar Transient Factory and the Search for Progenitors Channels of SNe Ia Peter Nugent, Chris

Palomar Transient Factory and the Search for Progenitors Channels of SNe Ia Peter Nugent, Chris

Palomar Transient Factory and the Search for Progenitors Channels of SNe Ia Peter Nugent, Chris Frohmaier &amp; Mark Sullivan Motivation SNe govern the heavy element production of the Universe and cycle matter in galaxies. - A SN rate provides

463 views • 27 slides
FUCHSIA: Data-Driven Debugging for Functional Side Channels Saeid Tizpaz-Niari* , Pavol Cerny,

FUCHSIA: Data-Driven Debugging for Functional Side Channels Saeid Tizpaz-Niari* , Pavol Cerny,

FUCHSIA: Data-Driven Debugging for Functional Side Channels Saeid Tizpaz-Niari* , Pavol Cerny, Ashutosh Trivedi *University of Colorado Boulder Functional Case Motivation Side Channels Studies Functional Case Motivation Side Channels

366 views • 24 slides
Side Channels CS 161: Computer Security Prof. David Wagner April 23, 2013 UI Side Channel

Side Channels CS 161: Computer Security Prof. David Wagner April 23, 2013 UI Side Channel

Side Channels CS 161: Computer Security Prof. David Wagner April 23, 2013 UI Side Channel Snooping Scenario: Ann the Attacker works in a building across the street from Victor the Victim. Late one night Ann can see Victor hard at work in

727 views • 44 slides
CSE 127: I ntroduction to Security Lecture 16: Side Channels and Constant-Time Code Nadia

CSE 127: I ntroduction to Security Lecture 16: Side Channels and Constant-Time Code Nadia

CSE 127: I ntroduction to Security Lecture 16: Side Channels and Constant-Time Code Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Dan Boneh, Stefan Savage Reminder: Side-channel attacks You saw before how timing

1.37k views • 81 slides
Nomad : Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration Soo-Jin Moon,

Nomad : Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration Soo-Jin Moon,

Nomad : Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration Soo-Jin Moon, Vyas Sekar Michael K. Reiter Co-residency side-channel attacks in clouds Stealing secrets (e.g., keys) VM VM VM Machine Machine Many

1.03k views • 69 slides
Loose Ends: Side Channels, Government Surveillance &amp; Targeted

Loose Ends: Side Channels, Government Surveillance &amp; Targeted

CSE 484 / CSE M 584: Computer Security and Privacy Loose Ends: Side Channels, Government Surveillance &amp; Targeted Attacks Spring 2015 Franziska

622 views • 27 slides
Off-Path Round Trip Time Measurement via TCP/IP Side Channels Geoffrey Alexander and Jedidiah R.

Off-Path Round Trip Time Measurement via TCP/IP Side Channels Geoffrey Alexander and Jedidiah R.

Off-Path Round Trip Time Measurement via TCP/IP Side Channels Geoffrey Alexander and Jedidiah R. Crandall University of New Mexico, USA How do you measure something? Interact directly T ake samples Multiple tests 2 Problem How

533 views • 26 slides
Isolation and side-channels Nadia Heninger and Deian Stefan Some slides adopted from John

Isolation and side-channels Nadia Heninger and Deian Stefan Some slides adopted from John

CSE 127: Computer Security Isolation and side-channels Nadia Heninger and Deian Stefan Some slides adopted from John Mitchell, Dan Boneh, and Stefan Savage Today Lecture objectives: Understand basic principles for building secure systems

1.08k views • 78 slides
Load/Store Instructions Address computation: RD := M(sext(imm)+RS1) means: RD M [ adr ]

Load/Store Instructions Address computation: RD := M(sext(imm)+RS1) means: RD M [ adr ]

Load/Store Instructions Address computation: RD := M(sext(imm)+RS1) means: RD M [ adr ] where adr = mod( R RS 1 + sext 32 ( imm ) , 2 32 ) . Load/Store-instructions: Load/Store Semantics RD := M(sext(imm)+RS1) lw

229 views • 5 slides
Bitwise Operations, Loops and using the terminal Eric McCreath Integer Operations rPeANUt has a

Bitwise Operations, Loops and using the terminal Eric McCreath Integer Operations rPeANUt has a

Bitwise Operations, Loops and using the terminal Eric McCreath Integer Operations rPeANUt has a standard set of integer operations that work on 2s complement 32 signed integers. These are: addition add &lt;RS1&gt; &lt;RS2&gt; &lt;RD&gt;

1.26k views • 8 slides
CMPSC 497: Software Fault Isolation Trent Jaeger Systems and Internet Infrastructure

CMPSC 497: Software Fault Isolation Trent Jaeger Systems and Internet Infrastructure

CMPSC 497: Software Fault Isolation Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Computer Science and Engineering Department Pennsylvania State University Systems and Internet Infrastructure Security Laboratory

705 views • 34 slides
This Unit: Single-Cycle Datapath App App App Datapath storage elements System software

This Unit: Single-Cycle Datapath App App App Datapath storage elements System software

This Unit: Single-Cycle Datapath App App App Datapath storage elements System software MIPS Datapath CIS 371 MIPS Control Mem CPU I/O Computer Organization and Design Unit 4: Single-Cycle Datapath Based on slides by Prof. Amir

287 views • 14 slides
Decision Properties of Regular Languages General Discussion of Properties The Pumping

Decision Properties of Regular Languages General Discussion of Properties The Pumping

Decision Properties of Regular Languages General Discussion of Properties The Pumping Lemma Membership, Emptiness, Etc. 1 Properties of Language Classes A language class is a set of languages. We have one example: the regular

883 views • 56 slides
Scalability Visibility Windows Update Certification [&amp; Client] Intent: when

Scalability Visibility Windows Update Certification [&amp; Client] Intent: when

Reliability WaaS Scalability Visibility Windows Update Certification [&amp; Client] Intent: when Targeting should the driver Classification Signing and Ranking be offered? Who validations should receive it?

687 views • 31 slides
Lisa Randall, Harvard University Entering LHC Era Entering LHC Era Many challenges as LHC

Lisa Randall, Harvard University Entering LHC Era Entering LHC Era Many challenges as LHC

Lisa Randall, Harvard University Entering LHC Era Entering LHC Era Many challenges as LHC approaches Many challenges as LHC approaches Critical questions: Critical questions: Are we optimizing existing searches? Are we

560 views • 44 slides
Design and Implementatjon of a Dynamic Informatjon Flow Tracking Architecture to Secure a RISC-V

Design and Implementatjon of a Dynamic Informatjon Flow Tracking Architecture to Secure a RISC-V

Design and Implementatjon of a Dynamic Informatjon Flow Tracking Architecture to Secure a RISC-V Core for IoT Applicatjons Christjan Palmiero , Giuseppe Di Guglielmo , Luciano Lavagno , Luca P. Carloni Politecnico Di Torino

218 views • 18 slides

More recommend