
A Case for Protecting Computer Games With SGX - Erick Bauman and Zhiqiang Lin - PowerPoint PPT Presentation



  1. A Case for Protecting Computer Games With SGX. Erick Bauman and Zhiqiang Lin, System and Software Security (S3) Lab, The University of Texas at Dallas, December 12th, 2016

  2. Outline: 1 Background; 2 Overview; 3 Detailed Design; 4 Case Study; 5 Conclusion

  3. Outline: 1 Background; 2 Overview; 3 Detailed Design; 4 Case Study; 5 Conclusion

  4. Computer Games: Large industry, market value of tens of billions. Popular games have millions of players.

  5. Cheat Prevention: Cheating in multiplayer games is a serious concern for developers. A small percentage of players can ruin the experience for the majority.

  6. Cheat Prevention: A million-dollar industry. Difficult to defend against: client machines cannot be trusted, and server-side integrity checks often have high overhead.

  7. DRM: Easy data duplication makes sharing applications trivial. Many companies have strong interests in copy protection. Piracy often costs billions in lost sales.

  8. DRM: preventing circumvention of protection is hard. It usually requires a trusted component on the user's machine. The trusted component is protected by complex obfuscation that is often quickly reverse-engineered. Secrets are often too easily extracted, because there is no way to truly secure them.

  9. Background

  10. Intel SGX: SGX's secure enclaves provide strong guarantees to protect applications: an isolated execution environment, contents unreadable by the machine owner, and protection enforced by hardware.

  11-23. Why Intel SGX (diagram built up across slides 11 to 23; box labels: Operating Systems, Linux Kernel, Virtualization, Hardware, SGX)

  24. Key SGX Features of Interest

  25. Outline: 1 Background; 2 Overview; 3 Detailed Design; 4 Case Study; 5 Conclusion


  27. Scope and Assumptions. Scope: computer games; multiplayer games for cheat prevention; single- and multiplayer games for DRM. Assumptions and threat model: an attacker may have full control over all software except for trusted enclaves; the attacker may access all memory, but not the processor; we assume SGX itself is secure.

  28. Protection Model. Integrity: crucial for cheat prevention. Data integrity: prevent disallowed modifications to data; protect the code that does modify data; provide a limited interface for modifying data. Code integrity: prevent modifications to crucial code, e.g. validation code; move the necessary code to the enclave.

  29. Protection Model. Confidentiality: crucial for DRM. Code confidentiality: more challenging than code integrity; enclave code can be read before the enclave is instantiated; code must be dynamically decrypted in the enclave at runtime; can result in a complete black box for the user. Data confidentiality: any data decrypted inside the enclave remains hidden; if data must be shown to the user, it may potentially be extracted from memory without secure I/O; if the code that touches the data can reside entirely inside the enclave, the data can remain hidden.

  30. Protection Model Examples. Data / Integrity: game state (score, lives, orientation, map, inventory items, player position, configuration data). Data / Confidentiality: media content (sounds, textures, 3D models). Code / Integrity: integrity checks (velocity checks, collision detection). Code / Confidentiality: game logic (algorithms, scripts).


  32. Desired Properties for Protected Content. Isolated: enclaves prohibit certain instructions, e.g. system calls; enclave code must be isolated from the application code; data sent across the enclave boundary must be copied. This presents a challenge to porting existing applications to SGX! Crucial: enclaves have a limited amount of memory available; an enclave too large for the EPC will hurt performance; the larger the code in the enclave, the greater the risk of a vulnerability or side channel.

  33. Outline: 1 Background; 2 Overview; 3 Detailed Design; 4 Case Study; 5 Conclusion

  34. Protecting Integrity: Key Ideas. Multiplayer games must have one or more game servers. Server-side integrity checks may be expensive. SGX allows a single, one-time check of enclave integrity. After attestation, all signed or encrypted messages from the enclave can be trusted without further checks. Code and data inside the enclave can therefore be trusted.

  35-40. Protecting Integrity: Recap (diagram built up across slides 35 to 40: User Platform containing Application and Enclave; Authentication Server; Game Server; arrows numbered 1 to 4). Detailed steps: 1 Start remote attestation; 2 Verify enclave; 3 Share credentials; 4 Enclave communicates with game server.
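The four steps above, as an added simulation that is not code from the talk or from the authors: hardware attestation and the enclave measurement are stand-ins built from HMAC and SHA-256 (no real SGX SDK calls), the session key is the "shared credential", and the game server accepts enclave-signed updates without re-running its own velocity or collision checks. All key and code values are constructed.

```python
import hashlib, hmac, secrets

# Constructed stand-ins for SGX primitives (not SGX SDK calls): a platform attestation
# key only the hardware can use, and an MRENCLAVE-like measurement of the enclave code.
PLATFORM_KEY = b"constructed-platform-attestation-key"
ENCLAVE_CODE = b"validate_move(); sign_state();"  # constructed enclave image
EXPECTED_MEASUREMENT = hashlib.sha256(ENCLAVE_CODE).hexdigest()

def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

class Enclave:
    def __init__(self, code):
        self.measurement = hashlib.sha256(code).hexdigest()
        self.session_key = None
    def quote(self, nonce):                 # step 1: start remote attestation
        body = self.measurement.encode() + nonce
        return body, mac(PLATFORM_KEY, body)  # hardware-signed report (simulated)
    def receive_credentials(self, key):     # step 3: credentials delivered into enclave
        self.session_key = key
    def send_update(self, player_pos):      # step 4: enclave-signed message to game server
        msg = f"pos={player_pos}".encode()
        return msg, mac(self.session_key, msg)

class AuthServer:
    def __init__(self):
        self.nonce = secrets.token_bytes(16)  # freshness for the one-time check
    def verify_enclave(self, body, tag):      # step 2: verify the enclave exactly once
        if not hmac.compare_digest(tag, mac(PLATFORM_KEY, body)):
            return None
        measurement, nonce = body[:64].decode(), body[64:]
        if measurement != EXPECTED_MEASUREMENT or nonce != self.nonce:
            return None
        return secrets.token_bytes(32)        # session key, also given to the game server

def game_server_accept(session_key, msg, tag):
    # No velocity or collision re-check here: the attested enclave already did it.
    return hmac.compare_digest(tag, mac(session_key, msg))

def run_protocol(enclave_code, tamper=False):
    enclave, auth = Enclave(enclave_code), AuthServer()
    body, tag = enclave.quote(auth.nonce)
    key = auth.verify_enclave(body, tag)
    if key is None:
        return "attestation failed"
    enclave.receive_credentials(key)
    msg, tag = enclave.send_update((10, 20))
    if tamper:  # untrusted application code edits the message outside the enclave
        msg = b"pos=(999, 999)"
    return "accepted" if game_server_accept(key, msg, tag) else "rejected"
```

A modified enclave image never gets a session key, and a message altered after the enclave signed it fails the single MAC check, which is the whole cost of validation on the server side.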

  41. Protecting Confidentiality: Key Ideas. Content can be protected by encryption. All data decrypted inside the enclave is secure. The key to decrypt content can be withheld until proof of purchase is given. The authentication server gives the decryption key only after successful attestation and a license key is given. After the initial license check, the enclave can seal the key to allow resource decryption without contacting the server.

  42-44. Protecting Confidentiality (diagram built up across slides 42 to 44: User Platform containing Application, User Interface and Enclave; Authentication Server with Encrypted Resources; File Systems holding Encrypted Resource Files and the Sealed key; arrows numbered 1 and 2)
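The key-release and sealing flow from slide 41, as an added simulation that is not code from the talk or from the authors. It assumes the enclave's measurement has already been attested to the authentication server (the Protecting Integrity steps) and uses constructed stand-ins for SGX sealing (a seal key derived from a CPU secret and the enclave identity) and for the content cipher (an unauthenticated HMAC counter-mode keystream; real code would use an AEAD). All keys, licenses and measurements are constructed values.

```python
import hashlib, hmac, os

# Constructed stand-ins (not SGX SDK calls): a CPU-fused secret from which SGX-style seal
# keys are derived, an MRENCLAVE-like measurement, and the authentication server's records.
PLATFORM_SEAL_SECRET = b"constructed-cpu-fused-seal-secret"
EXPECTED_MEASUREMENT = hashlib.sha256(b"constructed drm enclave image").hexdigest()
VALID_LICENSES = {"LICENSE-CONSTRUCTED-0001"}
CONTENT_KEY = os.urandom(32)   # key the shipped resource files were encrypted with

def keystream_xor(key, nonce, data):
    # Stand-in stream cipher (HMAC-SHA256 counter mode, unauthenticated); use AES-GCM in production.
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(key, data):
    nonce = os.urandom(12)
    return nonce + keystream_xor(key, nonce, data)
def decrypt(key, blob):
    return keystream_xor(key, blob[:12], blob[12:])

def seal_key_for(measurement):
    # Seal key bound to the enclave identity: a different enclave derives a different key.
    return hmac.new(PLATFORM_SEAL_SECRET, measurement.encode(), hashlib.sha256).digest()

def auth_server_release_key(measurement, license_key):
    # The decryption key is withheld unless attestation succeeded (measurement matches)
    # and the user presented a valid license key.
    if measurement != EXPECTED_MEASUREMENT or license_key not in VALID_LICENSES:
        return None
    return CONTENT_KEY

class Enclave:
    def __init__(self, measurement):
        self.measurement = measurement
        self.content_key = None
    def first_run(self, license_key):
        # Contacts the server once; returns the sealed key to store on disk, or None.
        key = auth_server_release_key(self.measurement, license_key)
        if key is None:
            return None
        self.content_key = key
        return encrypt(seal_key_for(self.measurement), key)
    def later_run(self, sealed_blob):
        # Offline start: unseal instead of contacting the authentication server.
        self.content_key = decrypt(seal_key_for(self.measurement), sealed_blob)
    def load_resource(self, encrypted_resource):
        return decrypt(self.content_key, encrypted_resource)
```

The sealed blob on disk is useless to any other enclave (or to the untrusted application), because the seal key is derived from the enclave's own measurement.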
