eliminating cache based timing attacks with instruction
play

Eliminating cache-based timing attacks with instruction-based - PowerPoint PPT Presentation

Aug 31, 2022 •323 likes •936 views

Eliminating cache-based timing attacks with instruction-based scheduling Deian Stefan , Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, and David Mazires Motivation: IFC Web platforms Platforms allow 3rd-party developers

  1. Eliminating cache-based timing attacks with instruction-based scheduling Deian Stefan , Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, and David Mazières

  2. Motivation: IFC Web platforms Platforms allow 3rd-party developers to build apps that use our personal data ➤ Extend the websites beyond original intent!

  3. Motivation: IFC Web platforms Platforms allow 3rd-party developers to build apps that use our personal data ^and sometimes leak ➤ Extend the websites beyond original intent!

  4. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access Cannot guarantee what app does with data

  5. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ✗ ➤ Restrict what data app can access Cannot guarantee what app does with data

  6. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access Cannot guarantee what app does with data

  7. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access Cannot guarantee what app does with data

  8. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  9. Motivation: IFC Web platforms editor ... Challenge: can we ensure address photo apps don’t leak data? book Name: Joe Smith Nick: Small J Occupation: N/A Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  10. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy editor ... Challenge: can we ensure address photo apps don’t leak data? book Name: Joe Smith Nick: Small J Occupation: N/A Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  11. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy editor ... Challenge: can we ensure address photo apps don’t leak data? book Name: Joe Smith Nick: Small J Occupation: N/A Current approach: DAC Platform ➤ Restrict what data app can access ✦ All your contacts Cannot guarantee what app does with data

  13. Motivation: IFC Web platforms Solution: Information flow editor ... control Web platform: Hails address photo book Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance ➤ Restrict who app can communicate with depending on data it reads

  14. Motivation: IFC Web platforms Solution: Information flow editor ... control Web platform: Hails address photo book Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  15. Motivation: IFC Web platforms Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  16. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app can access with clearance IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  17. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J Occupation: make U.S. gov unhappy Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app IFC: Can app write can access with clearance sensitive data to nsa.gov? IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  18. Motivation: IFC Web platforms Name: Jullian Assange Nick: Big J ✗ Occupation: make U.S. gov unhappy Solution: Information flow editor ... control Web platform: Hails address photo book Name: Joe Smith Nick: Small J Occupation: N/A Hails IFC enforcement: Hails platform ➤ Restrict what data app IFC: Can app write can access with clearance sensitive data to nsa.gov? IFC: Can app read sensitive ➤ Restrict who app can data from the database? communicate with depending on data it reads

  19. Hails Web-platform framework wiki.gitstar.com • Hails is built atop the LIO learnbyhacking.org Hails framework www.gitstar.com ➤ Concurrent, dynamic, Hails framework ≀≀ ≀ LIO IFC system ≀ language-level IFC system Hails framework ≀≀ ≀ LIO IFC system ≀ GHC Haskell Runtime ≀≀ ≀ LIO IFC system ≀ • Hails apps are LIO programs GHC Haskell Runtime GHC Haskell Runtime ➤ Access database, filesystem, network, etc. according to IFC

  20. Challenge: covert channels • Malicious apps will try to leak data through any means, including covert channels ➤ E.g., termination, internal timing, and external timing channels • LIO addresses these channels at the language level Theorem: Termination-sensitive non-interference ➤ Confidentiality and integrity of data is preserved regardless of the timing/termination behavior of threads

  21. Challenge: covert channels • Malicious apps will try to leak data through any means, including covert channels ➤ E.g., termination, internal timing, and external timing channels ✗ • LIO addresses these channels at the language level Theorem: Termination-sensitive non-interference ➤ Confidentiality and integrity of data is preserved regardless of the timing/termination behavior of threads

  22. Reality check Cache Rules Everything Around Me • Not modeling hardware features ➠ theorem only holds for ideal execution machine • Can usually exploit system by leveraging features not captured by model ➤ E.g., finite memory, disk-head location, CPU- bus, translation look-aside buffer, L1-L3 caches Focus: hardware-level caches

  23. Cache-based attack Cache lowArray := fillArray( ) if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output output := A 1: 2: output := B

  24. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: 2:

  25. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: 2:

  26. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: A output := A 2:

  27. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: A output := A 2:

  28. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: A output := A 2:

  29. Cache-based attack Cache lowArray := fillArray( ) Run 1 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: output := B

  30. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2:

  31. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: B output := B

  32. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: A B output := B output := A

  33. Cache-based attack Cache lowArray := fillArray( ) Run 2 if friend == “Julian Assange” highArray := fillArray( ) Thread A Thread B readArray(lowArray) for 1..3 do skip output 1: B A output := A 2: A B output := B Directly encodes / . output := A

Recommend

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr.

Dealing with cache based attacks in cryptography Speculating on cache attacks Simo Sorce Sr. Principal Software Engineer 2019/02/19 What are cache based attacks ? In cryptography In cryptographic operations, leaking the internal state of a

338 views • 8 slides
Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l.

Cache-Timing Attacks Matteo BOCCHI System Research & Applications STMicroelectronics S.r.l. 2018/12/06 Agenda 2 STM32 Nucleo Boards STM32 Firewall Cache-Timing Attack Evict&Time vs. MbedTLS AES on STM32

477 views • 20 slides
CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded

CACHE-TIMING ATTACKS ON RSA KEY GENERATION Conference on Cryptographic Hardware and Embedded Systems (CHES) 2019 Alejandro Cabrera Aldaya 1 , Cesar Pereida Garca 2 , Luis Manuel Alvarez Tapia 1 , Billy Bob Brumley 2 , {aldaya,

371 views • 21 slides
Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This

Cache-timing attacks http://cr.yp.to/papers.html #cachetiming , 2005: D. J. Bernstein This paper reports successful Thanks to: extraction of a complete AES key University of Illinois at Chicago from a network server NSF CCR9983950 on

1.28k views • 91 slides
DAWG : A Defense Against Cache Timing Attacks in Speculative Execution Processors Vladimir

DAWG : A Defense Against Cache Timing Attacks in Speculative Execution Processors Vladimir

DAWG : A Defense Against Cache Timing Attacks in Speculative Execution Processors Vladimir Kiriansky, Ilia Lebedev, Saman Amarasinghe, Srinivas Devadas, Joel Emer {vlk, ilebedev, saman, devadas, emer}@csail.mit.edu MICRO'18

949 views • 78 slides
Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing

Discussion: Remote Timing Attacks are Practical 600.624 2/11/05 Outline Why are timing attacks important? Clarifications Zero-One Gap / Neighborhood Size etc. Problems Questions Extensions Contribution Discussion

645 views • 26 slides
System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus Peinado, Gloria Mainar-Ruiz MIT CSAIL Microsoft Research Security is a big concern in cloud adoption Why are cache-based side channel

588 views • 38 slides
Mitigating Software Instrumentation Cache Effects in Measurement-Based Timing Analysis 1 Enrique

Mitigating Software Instrumentation Cache Effects in Measurement-Based Timing Analysis 1 Enrique

Mitigating Software Instrumentation Cache Effects in Measurement-Based Timing Analysis 1 Enrique Daz 1,2 , Jaume Abella 2 , Enrico Mezzetti 2 , 4 Irune Agirre 3 , Mikel Azkarate-Askasua 3 , 2 Tullio Vardanega 4 , Francisco J. Cazorla 2,5 5 3

545 views • 25 slides
The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen,

The Clock is Still Ticking: Timing Attacks in the Modern Web Tom Van Goethem, Wouter Joosen, Nick Nikiforakis Background: Timing attacks Introduced by Felten et al. in 2000. A side-channel attack analyzing the time that it takes to a

642 views • 21 slides
A Time Predictable Instruction Cache for a Java Processor Martin Schoeberl Overview

A Time Predictable Instruction Cache for a Java Processor Martin Schoeberl Overview

A Time Predictable Instruction Cache for a Java Processor Martin Schoeberl Overview Motivation Cache Performance Java Properties Method Cache WCET Analysis Results Conclusion, Future Work JOP Method Cache 2

533 views • 25 slides
Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie

Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie

Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie Xiong and Jakub Szefer Yale University HASP June 2, 2018 Memory System Cache Memory CPU Typical set-associative cache sets ways cache

640 views • 25 slides
S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer,

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer,

S CATTER C ACHE : Thwarting Cache Attacks via Cache Set Randomization Werner, Unterluggauer, Giner, Schwarz, Gruss, Mangard August 15, 2019 Graz University of Technology What is S CATTER C ACHE ? www.tugraz.at Alternative design for n-way

460 views • 27 slides
Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES

Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES

Design and Implementation of an Espionage Network for Cache- based Side Channel Attacks on AES Bholanath Roy Research Scholar Advanced Encryption Standard(AES) Design of an Espionage Network : Attack Architecture Espionage Infrastructure

435 views • 4 slides
Motivations Instruction cache (icache) misses can FICO drastically decrease code performance a

Motivations Instruction cache (icache) misses can FICO drastically decrease code performance a

Motivations Instruction cache (icache) misses can FICO drastically decrease code performance a Fast Instruction Cache Optimizer The problem is even more important for 1-level direct mapped caches Author: Marco Garatti On Lx ST210 the icache

477 views • 4 slides
Improving the Energy and Execution Efficiency of a Small Instruction Cache by Using an

Improving the Energy and Execution Efficiency of a Small Instruction Cache by Using an

Improving the Energy and Execution Efficiency of a Small Instruction Cache by Using an Instruction Register File Stephen Hines, Gary Tyson, David Whalley Computer Science Dept. Florida State University September 30, 2005 Introduction

424 views • 38 slides
Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France

Cache attacks: From side channels to fault attacks Clmentine Maurice CNRS, Rennes, France November 16, 2017 Cryptacus Workshop, Nijmegen, Netherlands the attacker only needs unprivileged execution on the victims machine

1.99k views • 164 slides
NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse,

NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse,

NetCAT : Practical Cache Attacks from the Network Michael Kurth , Ben Gras, Dennis Andriesse, Cristiano Giuffrida, Herbert Bos, Kaveh Razavi Cache Attack from the Network Client Server Remote Cache Attack SSH 2 Network Cache Attack 3

794 views • 32 slides
An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve

An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve

An Analytical Model for Tim e-Driven Cache Attacks Kris Tiri Onur Ac imez Michael Neve Flemming Andersen Outline Motivation Cache attacks: origins, time-driven attack Strength of an implementation Analytical model of

685 views • 19 slides
lecture 18 cache 2 - TLB (hit and miss) - instruction or data cache - cache (hit and

lecture 18 cache 2 - TLB (hit and miss) - instruction or data cache - cache (hit and

lecture 18 cache 2 - TLB (hit and miss) - instruction or data cache - cache (hit and miss) Wed. March 16, 2016 virtual physical physical virtual address address address address Last lecture I discussed the TLB and how virtual

599 views • 33 slides
1 Classifying cache misses Cache Organization Classifying misses by causes (3Cs) Cache size,

1 Classifying cache misses Cache Organization Classifying misses by causes (3Cs) Cache size,

Cache Performance Metrics Cache miss rate: number of cache misses divided by number of accesses Lecture 14: Hardware Approaches for Cache Optimizations Cache hit time: the time between sending address and data returning from cache Cache

608 views • 4 slides
I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia

I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia

I Know Where Youve Been: ! Geo-Inference Attacks via the Browser Cache ! Yaoqi Jia Yaoqi Jia , Xinshu Dong , Zhenkai Liang , Prateek Saxena ! School of Computing, National University of Singapore ! Advanced Digital

496 views • 28 slides
Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in

Remote Timing Attacks are Practical by David Brumley and Dan Boneh Presented by Seny Kamara in Advanced Topics in Network Security (600/650.624) Outline Traditional threat model in cryptography Side-channel attacks Kochers

1.19k views • 77 slides
DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek

DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek

DNSSEC aggressive cache (RFC 8198) Protection from random subdomain attacks Petr paek petr.spacek@nic.cz 2018-05-16 Talk outline Aggressive cache theory expectations efficiency Normal traffic measurements

823 views • 30 slides
Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi

Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi

Remote Timing Attacks on TPMs, AKA TPM-Fail Daniel Moghimi About Me Daniel Moghimi @danielmgmi https://moghimi.org Security Researcher PhD Candidate @ WPI Microarchitectural Attacks Side Channels Breaking Crypto

1.2k views • 71 slides

More recommend