trusted hardware
play

Trusted Hardware Sai Krishna Deepak Maram, CS 6410 Move to a - PowerPoint PPT Presentation

Nov 23, 2023 •294 likes •591 views

Trusted Hardware Sai Krishna Deepak Maram, CS 6410 Move to a Cloud-based model User apps User apps PaaS Software Software Cloud Provider manages the Hypervisor Hypervisor stack OS OS Move to a Cloud-based model Privileged User apps

  1. Trusted Hardware Sai Krishna Deepak Maram, CS 6410

  2. Move to a Cloud-based model User apps User apps PaaS Software Software Cloud Provider manages the Hypervisor Hypervisor stack OS OS

  3. Move to a Cloud-based model Privileged User apps code Software Software Malicious cloud provider? Hypervisor Hypervisor OS OS

  4. Can you trust the cloud? - Huge Trusted Computing Base (TCB) - Cloud Provider’s software - Management stack - Sysadmins

  5. What do we want?

  6. Shielded Execution using SGX Confidentiality : The execution state is Privileged SGX unobservable to the rest of the system. code Enclave Software Integrity : If the program completes, its output is Cloud Provider the same as a correct execution on a reference manages the Hypervisor platform stack OS

  7. Is shielded execution sufficient?

  8. Remote attestation Goal: Allow cryptographic verification that specific software has been loaded within an ● enclave While an enclave is initialized, its contents is cryptographically hashed by the CPU ○ forming the enclave’s measurement Generated using a key burnt on the SGX chip ● Root of trust: Intel ○ Enclave Intel attestation service (IAS) for verification ○ Initialization SGX Private key Chip Private key Intel Measurement Public key IAS hash

  9. How does SGX achieve this?

  10. Memory protection - EPC (Enclave Page Cache) - A separate region in physical memory - All enclave pages reside here - Hardware tracks meta info corresponding to each page Virtualized -

  11. Memory protection - EPC (Enclave Page Cache): A separate region in physical memory - Encrypted and integrity-protected before writing to the main memory - Same page table as the underlying OS - Access checks are performed to ensure any other application (not even other enclaves) can access an enclave’s data

  12. Execution lifecycle (high-level) - Loading stage: Performed by untrusted code - Enclave is initialized by copying code/data into EPC Pages - At the end of which, contents are hashed to compute enclave’s measurement hash - Enclave mode: - Special instructions to create an enclave, add pages to enclave and exit an enclave - Similar to switching from user to kernel mode - Secure mechanisms to handle interrupts (or) page faults to protect from OS exception handlers

  13. Before SGX?

  14. Trusted Platform Module (TPM) Attestation-based ● Can be used with commodity systems ● Weak security ● Much bigger TCB than SGX: Measurement hash covers all the OS modules and device drivers ○ Very hard to keep an up-to-date list of the hashes ○ Many more attacks.... ○

  15. How to port legacy applications into SGX?

  16. Developing applications in SGX - Untrusting OS: Makes it harder - Any function call (or) syscall made outside the enclave are not guaranteed to return - Even if data returns, enclave cannot trust the data returned

  17. Haven - Haven design goals: - Mutual distrust b/w guest and host - Run legacy apps inside SGX without any modifications - Application interacts only with LibOS - Assumes libOS is carefully implemented - Shield module interacts with the untrusted host OS

  18. How Haven handles Iago attacks Iago attacks: “Malicious kernel attempts to subvert an isolated application by exploiting its assumption of correct OS behaviour, for example when using the results of system calls” LibOS: Implement entire OS as part of the Trusted Computing Base . Limits the interaction of enclave app with the actual OS, thus reducing the attack surface.

  20. LibOS and Exokernels Both bring OS level functionalities to the user space, but for what reasons? - Efficiency in Exokernel: “Move OS functionality to the user space to grant more flexibility” - Security in Haven’s LibOS: “Move OS functionality into the enclave to reduce attack space”

  21. Haven Performance - 35% - 65% slowdown - Depends on the exact use case -

  22. Haven influencing SGX

  23. Haven influencing SGX design - Dynamic memory allocation - SGX does not allow addition of enclave pages after the creation of enclave - Exception Handling - SGX does not allow handling of all exceptions - Some other limitations Fixed in v2.0

  24. SGX: What’s new? Latest v2.3 ● Trusted randomness, other crypto operations ○ File abstractions inside an enclave ○ Baidu’s Rust SGX SDK ● Dockerized ○ Runs a simulated version on machines without SGX chip as well ○

  25. Is SGX secure? Sophisticated side channel attacks ● Foreshadow - Usenix’18 ● Speculative execution ○

  26. Trusted hardware makes the attacker’s job costly

  27. Discussion Haven - Exokernel connection to Haven - Impact of Haven and why it’s not more widely used? SGX - Does trusted hardware solve the problem of security in the cloud? - Can SGX still be useful in face of side channel attacks?

  28. Thank you! References: 1. Haven, Slides 2. Intel SGX explained

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1 OReilly 2 Trusted or Trustworthy? An object is trusted if and only if it operates as expected An object is trustworthy if and only if it is

707 views • 45 slides
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklins 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have trusted hardware?

315 views • 27 slides
& Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

& Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

Hardware Security Trusted Execution Environments (TEEs) & Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic hardware-backed security solutions smartcard for users HSM (Hardware Security Module) in

774 views • 63 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating scenarios 1. Outsourced ML Data

781 views • 21 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T RAMR & D AN B ONEH ICLR, New Orleans May 7 th 2019 2 Securely outsourcing ML inference with hardware isolation - Intel SGX input X -

554 views • 10 slides
Protecting Password Databases using Trusted Hardware Klaudia Krawiecka, Andrew Paverd, N.

Protecting Password Databases using Trusted Hardware Klaudia Krawiecka, Andrew Paverd, N.

Protecting Password Databases using Trusted Hardware Klaudia Krawiecka, Andrew Paverd, N. Asokan Aalto University, Finland This work was supported by the Cloud Security Services (CloSer) project funded by Tekes - the Finnish Funding

351 views • 20 slides
Efficient and Fair MPC using Blockchain and Trusted Hardware Souradyuti Paul Ananya Shrivastava

Efficient and Fair MPC using Blockchain and Trusted Hardware Souradyuti Paul Ananya Shrivastava

Efficient and Fair MPC using Blockchain and Trusted Hardware Souradyuti Paul Ananya Shrivastava (IIT Bhilai) (IIT Gandhinagar) Latincrypt 2019 Santiago, Chile October 3, 2019 Outline Multiparty Computation (MPC) Security

613 views • 22 slides
Leaky Processors and the RISE of Hardware-Based Trusted Computing Jo Van Bulck imec-DistriNet,

Leaky Processors and the RISE of Hardware-Based Trusted Computing Jo Van Bulck imec-DistriNet,

Leaky Processors and the RISE of Hardware-Based Trusted Computing Jo Van Bulck imec-DistriNet, KU Leuven jo.vanbulck@cs.kuleuven.be jovanbulck 1st RISE Annual Conference, November 14, 2018 A primer on software security Secure program:

952 views • 79 slides
Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada, KTH Pointsec Mobile Technologies TPM Introduction Microcontroller affixed to the motherboard. Cryptographic functions like key storage

834 views • 35 slides
Hardware Enclaves & In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves & In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves & In Intel SGX CS261 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms 2 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms

1.06k views • 18 slides
Tr I nc: Small Trusted Hardware for Large Distributed Systems Dave Levin University of Maryland

Tr I nc: Small Trusted Hardware for Large Distributed Systems Dave Levin University of Maryland

Tr I nc: Small Trusted Hardware for Large Distributed Systems Dave Levin University of Maryland John R. Douceur Jacob R. Lorch Microsoft Research Thomas Moscibroda Trust in distributed systems Selfish Malicious Participants Participants

1.62k views • 124 slides
RustZone: Writing Trusted Applications in Rust Eric Evenchick Black Hat Asia 2018 About Me

RustZone: Writing Trusted Applications in Rust Eric Evenchick Black Hat Asia 2018 About Me

RustZone: Writing Trusted Applications in Rust Eric Evenchick Black Hat Asia 2018 About Me Principal Research Consultant @ Atredis Partners Founder, Developer of Open Source Hardware Things @ Linklayer Labs Outline Trusted

847 views • 30 slides
Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai

Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai

Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas Massachusetts Institute of Technology November 8th, CCSW 2013 Cloud Storage Model Cloud Storage Requirements Privacy

1.11k views • 55 slides
STAN Current State and Future Work Scalable Hardware-Aided Trusted Data Management Nico

STAN Current State and Future Work Scalable Hardware-Aided Trusted Data Management Nico

STAN Current State and Future Work Scalable Hardware-Aided Trusted Data Management Nico Weichbrodt, 2019-09-03/04 Moving Databases to the Cloud Everyone moves to the cloud Higher scalability and availability But: no trust in the cloud

502 views • 15 slides
Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Formal Abstractions for Attested Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr Trusted hardware: Different communities, different world views 2 Trusted hardware: Different communities,

929 views • 72 slides
Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process Service Untrusted (IAS) Enclave Enclave Code Trusted Process Process Enclave Other Data Enclave OS and/or Hypervisor Off-chip devices 2

531 views • 24 slides
VC3: Trustworthy Data Analytics in the Cloud using SGX Felix Schuster , Manuel Costa, Cedric

VC3: Trustworthy Data Analytics in the Cloud using SGX Felix Schuster , Manuel Costa, Cedric

VC3: Trustworthy Data Analytics in the Cloud using SGX Felix Schuster , Manuel Costa, Cedric Fournet, Christos Gkantsidis Marcus Peinado, Gloria Mainar-Ruiz, Mark Russinovich Microsoft Research Outline Introduction Background

567 views • 18 slides
A Broadside Register Clock Broadside D Q register N N Clock Q0 D D0 Q1 D1 D Q2 D2

A Broadside Register Clock Broadside D Q register N N Clock Q0 D D0 Q1 D1 D Q2 D2

A Broadside Register Clock Broadside D Q register N N Clock Q0 D D0 Q1 D1 D Q2 D2 D Q(N-1) D(N-1) D 1 A broadside two-to-one multiplexor Select N N DT Y DF N MUX2 Select DT0 Y0 DF0 DT1 Y1 DF1 DT(N-1) Y(N-1)

633 views • 62 slides
Activities related to monolithic and vertically Activities related to monolithic and vertically

Activities related to monolithic and vertically Activities related to monolithic and vertically

Activities related to monolithic and vertically Activities related to monolithic and vertically integrated pixel detector at CERN Michael Campbell Michael Campbell PH-ESE CERN Outline Outline Low cost bump bonding CERN MPW service

349 views • 24 slides
Separation of Variables Legendre Equations Bernd Schr oder logo1 Bernd Schr oder

Separation of Variables Legendre Equations Bernd Schr oder logo1 Bernd Schr oder

Introduction in a Spherically Symmetric Geometry Separating Spherical Coordinates Obtaining the Legendre Equation Separation of Variables Legendre Equations Bernd Schr oder logo1 Bernd Schr oder Louisiana Tech University,

950 views • 77 slides
Trusted Execution Environments Chester Rebeiro IIT Madras Some of the slides borrowed from

Trusted Execution Environments Chester Rebeiro IIT Madras Some of the slides borrowed from

Trusted Execution Environments Chester Rebeiro IIT Madras Some of the slides borrowed from Intel; CDACH; ARM 1 Previously in SSE We looked at techniques to run an untrusted code safely System Run Program Here If misbehaves Kill it

976 views • 50 slides
Game Over: Quantifying and Simulating Unsustainable Fiscal Policy Richard W. Evans Laurence J.

Game Over: Quantifying and Simulating Unsustainable Fiscal Policy Richard W. Evans Laurence J.

Intro Model with shut down Tax regime switch: 80% Tax regime switch: 30% Conclusion Game Over: Quantifying and Simulating Unsustainable Fiscal Policy Richard W. Evans Laurence J. Kotlikoff Kerk L. Phillips December 2011 Evans, Kotlikoff,

545 views • 30 slides
Implementing the three-particle quantization condition: a progress report Steve Sharpe

Implementing the three-particle quantization condition: a progress report Steve Sharpe

Implementing the three-particle quantization condition: a progress report Steve Sharpe University of Washington S. Sharpe, ``Progress on implementing the three-particle quantization condition, FLQCD19, YITP , 4/25/2019 / 61 1 3-

1.11k views • 82 slides
The meeting begins at 19:00 PM Wednesday July 8 th 2015 A Review of Various Risk Measures

The meeting begins at 19:00 PM Wednesday July 8 th 2015 A Review of Various Risk Measures

1 The meeting begins at 19:00 PM Wednesday July 8 th 2015 A Review of Various Risk Measures Norman Booth Dont Put Coal in Your Rocket Engine Scott Juds 2 Wednesday July 8 th 2015 But First A Short Review of

439 views • 43 slides

More recommend