copycat controlled
play

CopyCat: Controlled Instruction-Level Attacks on Enclaves Daniel - PowerPoint PPT Presentation

Jan 21, 2023 •438 likes •1.13k views

CopyCat: Controlled Instruction-Level Attacks on Enclaves Daniel Moghimi Jo Van Bulck Nadia Heninger Frank Piessens Berk Sunar Intel Labs Sept. 10 2020 OS/Hypervisor Security Model App App App OS Trusted Hypervisor

  1. CopyCat: Controlled Instruction-Level Attacks on Enclaves • Daniel Moghimi • Jo Van Bulck • Nadia Heninger • Frank Piessens • Berk Sunar Intel Labs – Sept. 10 2020

  2. OS/Hypervisor Security Model App App App OS Trusted Hypervisor Hardware Traditional Security Model 2

  3. Trusted Execution Environment (TEE) – Intel SGX • Intel Software Guard eXtensions (SGX) App App App App App App OS OS Trusted Hypervisor Hypervisor Hardware Hardware Traditional Security Model Traditional Security Model 3

  4. Trusted Execution Environment (TEE) – Intel SGX • Intel Software Guard eXtensions (SGX) • Enclave: Hardware protected user-level software module • Mapped by the Operating System • Loaded by the user program • Authenticated and Encrypted by CPU App App App OS Hypervisor Hardware Traditional Security Model 4

  5. Trusted Execution Environment (TEE) – Intel SGX • Intel Software Guard eXtensions (SGX) • Enclave: Hardware protected user-level software module • Mapped by the Operating System • Loaded by the user program • Authenticated and Encrypted by CPU App App App App • Protects against system OS level adversary blocked Hypervisor blocked New Attacker Model: Hardware Hardware Attacker gets full control over OS Traditional Security Model 5

  6. Intel SGX Attack Taxonomy • Intel’s Responsibility SGX Attacks • Microcode Patches / Hardware mitigation • TCB Recovery Intel’s • Old Keys are Revoked Responsibility • Remote attestation succeeds only with mitigation. • Hyperthreading is out Foreshadow [1] • Remote Attestation Warning Plundervolt [2] [1] Van Bulck et al. "Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution." USENIX Security 2018. [2] Murdock et al. "Plundervolt: Software-based fault injection attacks against Intel SGX." IEEE S&P 2020. 6

  7. Intel SGX Attack Taxonomy • Intel’s Responsibility SGX Attacks • Microcode Patches / Hardware mitigation • TCB Recovery Intel’s Software Dev • Old Keys are Revoked Responsibility Responsibility • Remote attestation succeeds only with mitigation. • Hyperthreading is out Foreshadow [1] • Remote Attestation Warning Plundervolt [2] [1] Van Bulck et al. "Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution." USENIX Security 2018. [2] Murdock et al. "Plundervolt: Software-based fault injection attacks against Intel SGX." IEEE S&P 2020. 7

  8. Intel SGX Attack Taxonomy • Intel’s Responsibility SGX Attacks • Microcode Patches / Hardware mitigation • TCB Recovery Intel’s Software Dev • Old Keys are Revoked Responsibility Responsibility • Remote attestation succeeds only with mitigation. • Hyperthreading is out Foreshadow [1] µarch Side • Remote Attestation Warning Channel Plundervolt [2] • µarch Side Channel Cache [3][4][5] • Constant-time Coding Branch Predictors • Flushing and Isolating buffers [6][7] • Probabilistic Interrupt Latency [8] [1] Van Bulck et al. "Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution." USENIX Security 2018. [6] Evtyushkin, Dmitry, et al. "Branchscope: A new side-channel attack on directional branch predictor." ACM SIGPLAN 2018. [2] Murdock et al. "Plundervolt: Software-based fault injection attacks against Intel SGX." IEEE S&P 2020. [7] Lee, Sangho, et al. "Inferring fine-grained control flow inside {SGX} enclaves with branch shadowing." USENIX Security 2017. [3] Moghimi et al. "Cachezoom: How SGX amplifies the power of cache attacks." CHES 2017. [8] Van Bulck et al. "Nemesis: Studying microarchitectural timing leaks in rudimentary CPU interrupt logic." ACM CCS 2018. 8 [4] Brasser et al. "Software grand exposure:{SGX} cache attacks are practical." USENIX WOOT 2017. [5] Schwarz et al. "Malware guard extension: Using SGX to conceal cache attacks." DIMVA 2017.

  9. Intel SGX Attack Taxonomy • Intel’s Responsibility SGX Attacks • Microcode Patches / Hardware mitigation • TCB Recovery Intel’s Software Dev • Old Keys are Revoked Responsibility Responsibility • Remote attestation succeeds only with mitigation. • Hyperthreading is out Foreshadow [1] Deterministic µarch Side • Remote Attestation Warning Channel – Ctrl Channel Plundervolt [2] • µarch Side Channel Cache [3][4][5] Page Fault [9] • Constant-time Coding Branch Predictors A/D Bit [10] • Flushing and Isolating buffers [6][7] • Probabilistic Interrupt Latency [8] • Deterministic Attacks • Page Fault, A/D Bit, etc. (4kB Granularity) [1] Van Bulck et al. "Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution." USENIX Security 2018. [6] Evtyushkin, Dmitry, et al. "Branchscope: A new side-channel attack on directional branch predictor." ACM SIGPLAN 2018. [2] Murdock et al. "Plundervolt: Software-based fault injection attacks against Intel SGX." IEEE S&P 2020. [7] Lee, Sangho, et al. "Inferring fine-grained control flow inside {SGX} enclaves with branch shadowing." USENIX Security 2017. [3] Moghimi et al. "Cachezoom: How SGX amplifies the power of cache attacks." CHES 2017. [8] Van Bulck et al. "Nemesis: Studying microarchitectural timing leaks in rudimentary CPU interrupt logic." ACM CCS 2018. 9 [4] Brasser et al. "Software grand exposure:{SGX} cache attacks are practical." USENIX WOOT 2017. [9] Xu et al. "Controlled-channel attacks: Deterministic side channels for untrusted operating systems." IEEE S&P 2015. [5] Schwarz et al. "Malware guard extension: Using SGX to conceal cache attacks." DIMVA 2017. [10] Wang, Wenhao, et al. "Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX." ACM CCS 2017.

  10. CopyCat Attack 10

  11. CopyCat Attack • Malicious OS controls the interrupt handler NOP ADD XOR MUL DIV ADD MUL NOP NOP Enclave Time Execution Thread Starts 11

  12. CopyCat Attack • Malicious OS controls the interrupt handler IRQ Range NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 12

  13. CopyCat Attack • Malicious OS controls the interrupt handler IRQ Range 3 4 NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 13

  14. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions IRQ Range 0 1 NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 14

  15. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions IRQ Range 0 NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 15

  16. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions IRQ Range NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 16

  17. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions IRQ Range 1 NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 17

  18. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions IRQ Range 0 1 NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 18

  19. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions IRQ Range 0 1 NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 19

  20. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions IRQ Range 0 1 NOP ADD XOR MUL DIV ADD MUL NOP NOP 𝑢 2 𝑢 1 Time 20

  21. CopyCat Attack • Malicious OS controls the interrupt handler • A threshold to execute 1 or 0 instructions I got 15 IRQs. How many zeros? 21

Recommend

CopyCat: Controlled Instruction-Level Attacks on Enclaves Daniel Moghimi Jo Van Bulck

CopyCat: Controlled Instruction-Level Attacks on Enclaves Daniel Moghimi Jo Van Bulck

CopyCat: Controlled Instruction-Level Attacks on Enclaves Daniel Moghimi Jo Van Bulck Nadia Heninger Frank Piessens Berk Sunar Trusted Execution Environment (TEE) Intel SGX Intel Software Guard eXtensions (SGX) App

894 views • 42 slides
Count Controlled CSCI-UA.0002-008 Loops Count Controlled Loops A count controlled loop is a

Count Controlled CSCI-UA.0002-008 Loops Count Controlled Loops A count controlled loop is a

Introduction to Computer Programming Count Controlled CSCI-UA.0002-008 Loops Count Controlled Loops A count controlled loop is a repetition structure that iterates a specific number of times In contrast, a condition controlled loop iterates a

560 views • 39 slides
controlled with metformin over 28 days: a randomized, double-blind, placebo-controlled study.

controlled with metformin over 28 days: a randomized, double-blind, placebo-controlled study.

Efficacy and safety of ORMD-0801(Insulin Capsules) in patients with type 2 diabetes mellitus inadequately controlled with metformin over 28 days: a randomized, double-blind, placebo-controlled study. (ORA-D-007) Roy Eldor 1 , Joel Neutel 2 , Ken

241 views • 22 slides
GPS- -Controlled Hazardous Controlled Hazardous- - GPS Material Valve Material Valve

GPS- -Controlled Hazardous Controlled Hazardous- - GPS Material Valve Material Valve

GPS- -Controlled Hazardous Controlled Hazardous- - GPS Material Valve Material Valve Oklahoma State University BAE 4012 & 4001 Dr. Weckler & Dr. Brown Sponsor: Joe Hamilton, UniBridge Scale Systems Our Problem Our Problem

507 views • 25 slides
Controlled Exercise Strategies Controlled exercise is the basis of preparation for athletic

Controlled Exercise Strategies Controlled exercise is the basis of preparation for athletic

Controlled Exercise Strategies Controlled exercise is the basis of preparation for athletic competition and for rehabilitation. The incidence of athletic injury is directly related to fatigue. Fatigue can only be prevented (delayed) with

414 views • 5 slides
Kings Service Centre Information Classification: CONTROLLED Our Champions Information

Kings Service Centre Information Classification: CONTROLLED Our Champions Information

Information Classification: CONTROLLED Kings Service Centre Information Classification: CONTROLLED Our Champions Information Classification: CONTROLLED Our Key Successes Awareness sessions Free fruit Mental Health First Aider

83 views • 4 slides
Is it necessary to perform a controlled Is it necessary to perform a controlled cooling phase at

Is it necessary to perform a controlled Is it necessary to perform a controlled cooling phase at

Is it necessary to perform a controlled Is it necessary to perform a controlled cooling phase at the end of a conventional kiln drying process? y g p Knut Magnar Sandland Knut Magnar Sandland Ylva Steiner Henning Horn Henning Horn Norsk

350 views • 20 slides
Screening Controlled Substance Screening Controlled Substance Screening Controlled Substance

Screening Controlled Substance Screening Controlled Substance Screening Controlled Substance

Screening Controlled Substance Screening Controlled Substance Screening Controlled Substance Screening Controlled Substance Prescriptions For Legitimacy: Prescriptions For Legitimacy: The VIGIL System The VIGIL System David B. Brushwood,

1.06k views • 36 slides
C Session # 8 By: Saeed Haratian Fall 2015 Outlines Counter-Controlled Repetition

C Session # 8 By: Saeed Haratian Fall 2015 Outlines Counter-Controlled Repetition

Fundamentals of Programming C Session # 8 By: Saeed Haratian Fall 2015 Outlines Counter-Controlled Repetition Sentinel-Controlled Repetition Top-Down, Stepwise Refinement Counter-Controlled Repetition Consider the following

550 views • 25 slides
MEDICAL SOLUTIONS Controlled Power Company MEDICAL SOLUTIONS Controlled Power Company MEDICAL

MEDICAL SOLUTIONS Controlled Power Company MEDICAL SOLUTIONS Controlled Power Company MEDICAL

MEDICAL SOLUTIONS Controlled Power Company MEDICAL SOLUTIONS Controlled Power Company MEDICAL SOLUTIONS Controlled Power Company MEDICAL SOLUTIONS Controlled Power Company Centralized Emergency Lighting Inverters Controlled Power Company

532 views • 22 slides
Controlled studies and naturalistic driving the best of both worlds? Katja Kircher, Christer

Controlled studies and naturalistic driving the best of both worlds? Katja Kircher, Christer

Controlled studies and naturalistic driving the best of both worlds? Katja Kircher, Christer Ahlstrom, Olle Eriksson, Anna Vadeby & sa Forsman Semi-controlled studies Goal of this presentation: Describe and discuss

414 views • 8 slides
ORA-D-007: Randomized, Double-Blind, Placebo-Controlled Study to Assess the Safety and Efficacy of

ORA-D-007: Randomized, Double-Blind, Placebo-Controlled Study to Assess the Safety and Efficacy of

ORA-D-007: Randomized, Double-Blind, Placebo-Controlled Study to Assess the Safety and Efficacy of Multiple Oral Bedtime Doses of ORMD-0801 (Insulin Capsules) in Adult Patients with Type 2 Diabetes Mellitus who are Inadequately Controlled with

129 views • 10 slides
Overview of Controlled re-entry activities Tiago Soares 26/10/2017 ESA UNCLASSIFIED - For

Overview of Controlled re-entry activities Tiago Soares 26/10/2017 ESA UNCLASSIFIED - For

Overview of Controlled re-entry activities Tiago Soares 26/10/2017 ESA UNCLASSIFIED - For Official Use Outline - Why controlled re-entry? - What does it entail? Technical challenges - Current technology solution - Possible solutions and

236 views • 9 slides
St Erth Multi Modal Hub 4 th November 2019 Information Classification: CONTROLLED Information

St Erth Multi Modal Hub 4 th November 2019 Information Classification: CONTROLLED Information

Information Classification: CONTROLLED St Erth Multi Modal Hub 4 th November 2019 Information Classification: CONTROLLED Information Classification: CONTROLLED Stakeholders High number of external stakeholders throughout design development

167 views • 6 slides
Arduino and Android Controlled Rover Mechatronics I Arnds Magnsdttir & Vir

Arduino and Android Controlled Rover Mechatronics I Arnds Magnsdttir & Vir

Arduino and Android Controlled Rover Mechatronics I Arnds Magnsdttir & Vir Bjarkason 29.11.2012 Introduction The project name is Arduino and Android Controlled Rover Why? Its a rover that is controlled with both Arduino

722 views • 19 slides
MICHAEL GOFF CONTROLLED SUBSTANCE MONITORING PROGRAM ADMINISTRATOR 1 Controlled Substance

MICHAEL GOFF CONTROLLED SUBSTANCE MONITORING PROGRAM ADMINISTRATOR 1 Controlled Substance

WV BOARD OF PHARMACY WV BOARD OF PHARMACY MICHAEL GOFF CONTROLLED SUBSTANCE MONITORING PROGRAM ADMINISTRATOR 1 Controlled Substance Monitoring Program CSMP WVBOP CSMP 2 NEW CSMP UPGRADE FROM 95 VERSION TO ASAP 4.2 FORMAT (NEWEST

523 views • 16 slides
PIONEER: A Randomized, Double-Blind, Placebo-Controlled, Phase 2 Study of Avapritinib in Patients

PIONEER: A Randomized, Double-Blind, Placebo-Controlled, Phase 2 Study of Avapritinib in Patients

PIONEER: A Randomized, Double-Blind, Placebo-Controlled, Phase 2 Study of Avapritinib in Patients with Indolent or Smoldering Systemic Mastocytosis with Symptoms Inadequately Controlled with Standard Therapy Cem Akin, Hanneke Oude Elberink,

465 views • 19 slides
CO 2 Control MVHR MVHR time sensor controlled controlled Heating demand Ventilation losses

CO 2 Control MVHR MVHR time sensor controlled controlled Heating demand Ventilation losses

CO 2 Control MVHR MVHR time sensor controlled controlled Heating demand Ventilation losses Air exchange rate at 50 m2

571 views • 16 slides
Sandgate Controlled Parking Zone What are CPZs and why have them? An area where all kerbside

Sandgate Controlled Parking Zone What are CPZs and why have them? An area where all kerbside

Sandgate Controlled Parking Zone What are CPZs and why have them? An area where all kerbside space is controlled during set times. Increasing the amount of on- street parking space is rarely possible so the council has to try and

309 views • 13 slides
Boiling Curve Wall Temp. Controlled. Pool boiling curve for temperature controlled case with

Boiling Curve Wall Temp. Controlled. Pool boiling curve for temperature controlled case with

Boiling Curve Wall Temp. Controlled. Pool boiling curve for temperature controlled case with increasing temperature and decreasing temperature. Note that there is a hysteresis especially in the transition region. 4 Pool Boiling Curve

295 views • 7 slides
Remote controlled tractor TECHNICAL with attachments SPECIFICATIONS LV300 Green Climber: REMOTE

Remote controlled tractor TECHNICAL with attachments SPECIFICATIONS LV300 Green Climber: REMOTE

Remote controlled tractor TECHNICAL with attachments SPECIFICATIONS LV300 Green Climber: REMOTE CONTROLLED TRACTOR WITH FLAIL Capable of working on 60 slopes Extendable tracks Side-shifting of attachment Engine: EPA - TIER 4 final

219 views • 5 slides
CNL 2014 20-22 August, 2014 Galway, Ireland RuleCNL: a Controlled Natural Language for Business

CNL 2014 20-22 August, 2014 Galway, Ireland RuleCNL: a Controlled Natural Language for Business

Fourth Workshop on Controlled Natural Language CNL 2014 20-22 August, 2014 Galway, Ireland RuleCNL: a Controlled Natural Language for Business Rule Specifications Paul Brillant Feuto Njonko, Sylviane Cardey, Peter Greendfield and Walid El Abed

983 views • 29 slides
Lexpresso: a Controlled Natural Language Adam Saulwick Defence Science and Technology

Lexpresso: a Controlled Natural Language Adam Saulwick Defence Science and Technology

Lexpresso: a Controlled Natural Language Adam Saulwick Defence Science and Technology Organisation Fourth Workshop on Controlled Natural Language (CNL 2014) Galway 2022 August 2014 Outline Use case Input / Output & Interaction System

370 views • 23 slides
Back to Business Child Care Settings Not Schools Information Classification: CONTROLLED

Back to Business Child Care Settings Not Schools Information Classification: CONTROLLED

Information Classification: CONTROLLED Back to Business Child Care Settings Not Schools Information Classification: CONTROLLED Introduction From the 1 st of June the Government will be asking nurseries and other early years providers, including

877 views • 18 slides

More recommend