who watches the watchmen utilizing performance monitors
play

Who watches the watchmen?: Utilizing Performance Monitors for - PowerPoint PPT Presentation

Feb 26, 2023 •116 likes •637 views

Who watches the watchmen?: Utilizing Performance Monitors for Compromising keys of RSA on Intel Platforms Sarani Bhattacharya and Debdeep Mukhopadhyay Indian Institute of Technology Kharagpur CHES 2015 September 15, 2015 CHES 2015 Sarani

  1. Who watches the watchmen?: Utilizing Performance Monitors for Compromising keys of RSA on Intel Platforms Sarani Bhattacharya and Debdeep Mukhopadhyay Indian Institute of Technology Kharagpur CHES 2015 September 15, 2015 CHES 2015 Sarani Bhattacharya Who watches the watchmen? 1 / 34

  2. Overview of the talk Introduction Motivation of the problem Exponentiation primitives for Public key cryptography Modelling branch misses as side-channel Formally modeling success probability Experimental validation Conclusion CHES 2015 Sarani Bhattacharya Who watches the watchmen? 2 / 34

  3. Introduction Hardware performance counters (HPCs) are a set of special-purpose registers to store the counts of hardware-related activities within the microprocessor. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 3 / 34

  4. Introduction Hardware performance counters (HPCs) are a set of special-purpose registers to store the counts of hardware-related activities within the microprocessor. Hence HPCs can be utilized for both attacks and their countermeasures. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 3 / 34

  5. Introduction Hardware performance counters (HPCs) are a set of special-purpose registers to store the counts of hardware-related activities within the microprocessor. Hence HPCs can be utilized for both attacks and their countermeasures. Asymmetric-key cryptographic algorithms when implemented on systems with branch predictors, are subjected to side-channel attacks exploiting the deterministic branch predictor behaviour due to their key-dependent input sequences. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 3 / 34

  6. Objective of the work This work shows that HPCs, which are used as performance monitors (watchmen) in modern computer systems can be utilized to retrieve the secret keys by reasonably modelled adversaries. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 4 / 34

  7. Objective of the work This work shows that HPCs, which are used as performance monitors (watchmen) in modern computer systems can be utilized to retrieve the secret keys by reasonably modelled adversaries. The attack exploits the characteristics of branch predictor and shows formally that the leakage of the key increases with the ability of the attacker to model the predictor more accurately. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 4 / 34

  8. Objective of the work This work shows that HPCs, which are used as performance monitors (watchmen) in modern computer systems can be utilized to retrieve the secret keys by reasonably modelled adversaries. The attack exploits the characteristics of branch predictor and shows formally that the leakage of the key increases with the ability of the attacker to model the predictor more accurately. We claim that branch misses from HPCs are indeed more significant side-channels compared to timing. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 4 / 34

  9. Why should we consider HPCs for security analysis? Results from HPCs are treated as an accurate representations of events occurring in hardware [1], [2]. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 5 / 34

  10. Why should we consider HPCs for security analysis? Results from HPCs are treated as an accurate representations of events occurring in hardware [1], [2]. This occurs when the overhead introduced by performance counter interfaces does not dominate the event counts. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 5 / 34

  11. Why should we consider HPCs for security analysis? Results from HPCs are treated as an accurate representations of events occurring in hardware [1], [2]. This occurs when the overhead introduced by performance counter interfaces does not dominate the event counts. The accuracy depends upon the interface used, the application and the event being measured [1]. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 5 / 34

  12. Exploiting Hardware Performance Counters HPC L1 and L2 D-cache miss counters have been exploited as side-channels in [3] for performing timing based cache attacks on symmetric-key algorithms, like AES. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 6 / 34

  13. Exploiting Hardware Performance Counters HPC L1 and L2 D-cache miss counters have been exploited as side-channels in [3] for performing timing based cache attacks on symmetric-key algorithms, like AES. On the other hand, in [4] data from performance counters are used to develop a malware detector in hardware using machine learning techniques. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 6 / 34

  14. Exploiting Hardware Performance Counters HPC L1 and L2 D-cache miss counters have been exploited as side-channels in [3] for performing timing based cache attacks on symmetric-key algorithms, like AES. On the other hand, in [4] data from performance counters are used to develop a malware detector in hardware using machine learning techniques. While in [5], a new Virtual Machine Monitor (VMM) named NumChecker is proposed, which exploits HPCs to detect kernel root- kits in a guest Virtual Machine. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 6 / 34

  15. Performance Monitoring over the years In [6], profiling HPCs are referred to be accessible in high-privilege modes. But since the advent of Linux-Perf for userspace Program Analysis [7], [8] this highly accurate performance monitoring information are available to Linux users from supercomputers to embedded systems. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 7 / 34

  16. Performance Monitoring over the years In [6], profiling HPCs are referred to be accessible in high-privilege modes. But since the advent of Linux-Perf for userspace Program Analysis [7], [8] this highly accurate performance monitoring information are available to Linux users from supercomputers to embedded systems. Oprofile- a system-wide sampling profiler by Levon which was included into Linux 2.5.43 in 2002. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 7 / 34

  17. Performance Monitoring over the years In [6], profiling HPCs are referred to be accessible in high-privilege modes. But since the advent of Linux-Perf for userspace Program Analysis [7], [8] this highly accurate performance monitoring information are available to Linux users from supercomputers to embedded systems. Oprofile- a system-wide sampling profiler by Levon which was included into Linux 2.5.43 in 2002. PAPI implementation for Linux uses the perfctr Linux patch an event-monitoring device driver to enable access to the counters. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 7 / 34

  18. Performance Monitoring over the years In [6], profiling HPCs are referred to be accessible in high-privilege modes. But since the advent of Linux-Perf for userspace Program Analysis [7], [8] this highly accurate performance monitoring information are available to Linux users from supercomputers to embedded systems. Oprofile- a system-wide sampling profiler by Levon which was included into Linux 2.5.43 in 2002. PAPI implementation for Linux uses the perfctr Linux patch an event-monitoring device driver to enable access to the counters. In 2009, event named ‘perf’ subsystem was added to the Linux kernel, and makes user access to performance counters less clumsy, without kernel patches or recompiles [9]. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 7 / 34

  19. Performance Monitoring over the years In [6], profiling HPCs are referred to be accessible in high-privilege modes. But since the advent of Linux-Perf for userspace Program Analysis [7], [8] this highly accurate performance monitoring information are available to Linux users from supercomputers to embedded systems. Oprofile- a system-wide sampling profiler by Levon which was included into Linux 2.5.43 in 2002. PAPI implementation for Linux uses the perfctr Linux patch an event-monitoring device driver to enable access to the counters. In 2009, event named ‘perf’ subsystem was added to the Linux kernel, and makes user access to performance counters less clumsy, without kernel patches or recompiles [9]. Greatest advantage of Perf event [9] is the subsystem has been already included in the Linux kernel 2.6.31 as “Performance Counters for Linux”. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 7 / 34

  20. Public key Cryptography CHES 2015 Sarani Bhattacharya Who watches the watchmen? 8 / 34

  21. Exponentiation and Underlying Multiplication Primitive Inputs( M ) are encrypted and decrypted by performing modular exponentiation with modulus N on public or private keys represented as n bit binary string. Square and Multiply Exponentiation Algorithm 1 : Binary version of Square and Multiply Exponentiation Algorithm S ← M ; for i from 1 to n − 1 do S ← S ∗ S mod N ; if d i = 1 then S ← S ∗ M mod N ; end end return S ; Conditional execution of instruction and their dependence on secret exponent is exploited by the simple power and timing side-channels [10]. CHES 2015 Sarani Bhattacharya Who watches the watchmen? 9 / 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

WHO WATCHES THE WATCHMEN? Protecting Operating System Reliability Mechanisms Bj orn D

WHO WATCHES THE WATCHMEN? Protecting Operating System Reliability Mechanisms Bj orn D

WHO WATCHES THE WATCHMEN? Protecting Operating System Reliability Mechanisms Bj orn D obel, Hermann H artig Hollywood, 10/07/2012 Splitting Systems Bank App DOpE VPFS Linux L4/Fiasco.OC Microkernel D obel, H artig,

420 views • 17 slides
Utilizing Performance Unit Tests To Increase Performance Awareness Vojtch Hork, Peter Libi,

Utilizing Performance Unit Tests To Increase Performance Awareness Vojtch Hork, Peter Libi,

Utilizing Performance Unit Tests To Increase Performance Awareness Vojtch Hork, Peter Libi, Luk Marek, Antonn Steinhauser and Petr Tma February 4, 2015 Charles University in Prague Motivation: Choosing a Plotting Library We need

618 views • 44 slides
Mike Arsenau Jeremy Llorence Watchmen . Day Two Discussion Discussion Questions and Answers: 1.

Mike Arsenau Jeremy Llorence Watchmen . Day Two Discussion Discussion Questions and Answers: 1.

Mike Arsenau Jeremy Llorence Watchmen . Day Two Discussion Discussion Questions and Answers: 1. Why does Moore see piracy as a better comic for the embedded narrative compared to other comics? What connections can we draw with Tales of the

176 views • 3 slides
Monitors & Condition Synchronisation controller DM519 Concurrent Programming 1 Monitors

Monitors & Condition Synchronisation controller DM519 Concurrent Programming 1 Monitors

Chapter 5 Monitors & Condition Synchronisation controller DM519 Concurrent Programming 1 Monitors & Condition Synchronisation Concepts : monitors (and controllers): encapsulated data + access procedures + mutual exclusion + condition

1.02k views • 45 slides
Outline Utilizing Diversity and Performance Introduction Measures for Ensemble Creation

Outline Utilizing Diversity and Performance Introduction Measures for Ensemble Creation

2009-03-24 Outline Utilizing Diversity and Performance Introduction Measures for Ensemble Creation Data Mining Predictive Modelling Ensembles Diversity Information Fusion Problem Statement Research and

654 views • 7 slides
Running and Utilizing the HUD Annual Performance Report (APR) How to Read and Utilize the Report

Running and Utilizing the HUD Annual Performance Report (APR) How to Read and Utilize the Report

Running and Utilizing the HUD Annual Performance Report (APR) How to Read and Utilize the Report Results in Order to Troubleshoot HMIS Data Quality for your Programs July 17 th , 2019 | 1:00 pm Agenda Goals of todays webinar Webinar

189 views • 16 slides
Adaptive Optimization using Hardware Performance Monitors Master Thesis by Mathias Payer

Adaptive Optimization using Hardware Performance Monitors Master Thesis by Mathias Payer

Adaptive Optimization using Hardware Performance Monitors Master Thesis by Mathias Payer Supervising Professor: Thomas Gross Supervising Assistant: Florian Schneider 1/21 Adaptive Optimization using HPM 1. Summary Tasks: - Interface for

428 views • 20 slides
Health & Wellness Alexis, Caroline, Ross, Jessica We met Kathy. Watches calories An avid

Health & Wellness Alexis, Caroline, Ross, Jessica We met Kathy. Watches calories An avid

INTERVIEWS and NEEDFINDING Health & Wellness Alexis, Caroline, Ross, Jessica We met Kathy. Watches calories An avid walker Faith cleans ones soul Group chat with family members (has 10 kids) We met Kathy. Watches calories An avid

492 views • 23 slides
Real Real- -Time Systems Time Systems Monitors Monitors Monitors: (Burns & Wellings,

Real Real- -Time Systems Time Systems Monitors Monitors Monitors: (Burns & Wellings,

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #7 Updated 2009-02-03 Real Real- -Time Systems Time Systems Monitors Monitors Monitors: (Burns & Wellings, Chapter 8.6) Monitors: (Burns & Wellings, Chapter 8.6)

290 views • 6 slides
An Efficient Performance Improvement Method Utilizing Specialized Functional Units in Behavioral

An Efficient Performance Improvement Method Utilizing Specialized Functional Units in Behavioral

An Efficient Performance Improvement Method Utilizing Specialized Functional Units in Behavioral Synthesis Tsuyoshi Sadakata, and Yusuke Matsunaga Kyusyu University, Japan Motivation Specialized Functional Units (SFUs) (e.g. Multiply-Acc

277 views • 10 slides
Utilizing the Latest Features of Intel's Performance Monitoring Unit Scalable Tools Workshop 2019

Utilizing the Latest Features of Intel's Performance Monitoring Unit Scalable Tools Workshop 2019

Utilizing the Latest Features of Intel's Performance Monitoring Unit Scalable Tools Workshop 2019 Michael Chynoweth Intel Fellow Contributors: Patrick Konsor, Sneha Gohad, Joe Olivas, Vishnu Naikawadi, Andi Kleen, Ahmad Yasin Agenda

420 views • 15 slides
Summer by the Sea Now for Cafe Curiosity Monitors: you have Chat about what you see 20 In a

Summer by the Sea Now for Cafe Curiosity Monitors: you have Chat about what you see 20 In a

Monitors: you have 5 mins INTRODUCTIONS Please take it in turns to introduce yourselves to each other. Choose a name for your team on the theme of Summer by the Sea Now for Cafe Curiosity Monitors: you have Chat about what you see 20

680 views • 11 slides
COMP31212: Concurrency Topics 4.1: Concurrency Patterns - Monitors Topic 4.1: Concurrency

COMP31212: Concurrency Topics 4.1: Concurrency Patterns - Monitors Topic 4.1: Concurrency

Topic 4.1: Concurrency Patterns: Monitors COMP31212: Concurrency Topics 4.1: Concurrency Patterns - Monitors Topic 4.1: Concurrency Patterns: Monitors Outline Topic 4.1: Concurrency Patterns: Monitors Monitors FSP Models-to-Java Monitors

672 views • 24 slides
Primary Proton Beam Profile Monitors -Segmented Secondary Emission Monitor- Outline Introduction

Primary Proton Beam Profile Monitors -Segmented Secondary Emission Monitor- Outline Introduction

Primary Proton Beam Profile Monitors -Segmented Secondary Emission Monitor- Outline Introduction Beam test at the KEK-PS Neutrino Beamline Summary Introduction Desired Performance of profile monitors at the J-PARC Neutrino beamline High

256 views • 13 slides
The Product When we started The 5TH, we only sold our minimal, unisex watches on the 5th of the

The Product When we started The 5TH, we only sold our minimal, unisex watches on the 5th of the

The Product When we started The 5TH, we only sold our minimal, unisex watches on the 5th of the month for 5 days. This meant that the rest of the month was spent generating and nurturing leads. While the direct-to-consumer watch space extremely

304 views • 29 slides
Lecture 4: Monitors Introduction (Operations & Signalling Mechanisms); The

Lecture 4: Monitors Introduction (Operations & Signalling Mechanisms); The

Lecture 4: Monitors Introduction (Operations & Signalling Mechanisms); The Readers-Writers Problem SR; Emulating Semaphores with Monitors & Vice Versa The Dining Philosophers problem in SR; The Sleeping Barber Problem;

494 views • 28 slides
22 nd International Systems and Software Product Line Conference Sep. 10-14, 2018 sponsors

22 nd International Systems and Software Product Line Conference Sep. 10-14, 2018 sponsors

Thorsten Berger Paulo Borba Associate Professor Professor Chalmers | University of Gothenburg Universidade Federal de Pernambuco Gothenburg, Sweden Recife, Brazil http://www.cse.chalmers.se/~bergert http://www.cin.ufpe.br/~phmb 22 nd

354 views • 21 slides
Simultaneous and sequential detection of multiple interacting change points Long Nguyen

Simultaneous and sequential detection of multiple interacting change points Long Nguyen

Simultaneous and sequential detection of multiple interacting change points Long Nguyen Department of Statistics University of Michigan Joint work with Ram Rajagopal (Stanford University) 1 Introduction Statistical inference in the

786 views • 39 slides
Designing and Developing Person-Based and Topic-Based Person-Based and Topic-Based Data

Designing and Developing Person-Based and Topic-Based Person-Based and Topic-Based Data

Designing and Developing Person-Based and Topic-Based Person-Based and Topic-Based Data Collection Instruments Emily A. Johnson Thomas C Melaney Thomas C. Melaney US Census Bureau, USA Summary The American Community Survey (ACS) tests

202 views • 16 slides
Trojans Modifying Soft-Processor Instruction Sequences Embedded in FPGA Bitstreams Ismail

Trojans Modifying Soft-Processor Instruction Sequences Embedded in FPGA Bitstreams Ismail

Trojans Modifying Soft-Processor Instruction Sequences Embedded in FPGA Bitstreams Ismail San, Nicole Fern, C etin Kaya Ko c and Kwang-Ting (Tim) Cheng University of California Santa Barbara Anadolu University FPL 2016 August 31,

72 views • 6 slides
Motivating Scenario I Card-based Cryptographic Protocols Using a Minimal Number of Cards

Motivating Scenario I Card-based Cryptographic Protocols Using a Minimal Number of Cards

Motivating Scenario I Card-based Cryptographic Protocols Using a Minimal Number of Cards Alexander Koch, Stefan Walzer, Kevin Hrtel [asiacrypt/KochWH15] DEPARTMENT OF INFORMATICS, INSTITUTE OF THEORETICAL INFORMATICS 1 2015-12-03 Koch,

780 views • 59 slides
Market connectedness: spillovers, information flow, and relative market entropy Ko c

Market connectedness: spillovers, information flow, and relative market entropy Ko c

Introduction Measuring spillovers using fevds Shock propagation Speed of shock digestion Empirical findings Conclusions Market connectedness: spillovers, information flow, and relative market entropy Ko c University, March 26, 2014

459 views • 28 slides
Refinement Proofs and Techniques Suha Orhun Mutluergil Koc University, Istanbul, Turkey

Refinement Proofs and Techniques Suha Orhun Mutluergil Koc University, Istanbul, Turkey

Refinement Proofs and Techniques Suha Orhun Mutluergil Koc University, Istanbul, Turkey Refinement In general: A concrete and complex system 1 refines the abstract system 2 iff 2 completely captures the behaviors of 1 .

453 views • 23 slides
Mathematical Background Chester Rebeiro February 15, 2017 Modular Arithmetic Division Theorem

Mathematical Background Chester Rebeiro February 15, 2017 Modular Arithmetic Division Theorem

Mathematical Background Chester Rebeiro February 15, 2017 Modular Arithmetic Division Theorem Let n be a positive integer Let a be any integer a / n leaves a quotient q and remainder r such that a = qn + r 0 r < n ; q = a

920 views • 66 slides

More recommend