hardening application
play

Hardening Application Security using Intel SGX Max Plauth, Frederik - PowerPoint PPT Presentation

Oct 18, 2023 •106 likes •423 views

Hardening Application Security using Intel SGX Max Plauth, Frederik T eschke, Daniel Richter, and Andreas Polze Operating Systems & Middleware Group Hasso Plattner Institute at University of Potsdam, Germany Motivation data security:

  1. Hardening Application Security using Intel SGX Max Plauth, Frederik T eschke, Daniel Richter, and Andreas Polze Operating Systems & Middleware Group Hasso Plattner Institute at University of Potsdam, Germany

  2. Motivation ▪ data security: encryption ▪ securely transporting data ▪ secure data processing 2 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  3. Motivation ▪ trusted computing approaches ▪ Trusted Platform Modules ▪ ARM’s TrustZone ▪ Intel’s Software Guard Extensions (SGX) 3 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  4. Motivation Intel SGX ▪ not widely utilized ▪ high complexity ▪ needs profound knowledge in fields of cryptography, operating systems, and hardware design ▪ our goal: practical perspective, approaching the challenges of trusted computing from a software engineer’s point of view ▪ helper library overcoming hurdles of integrating SGX API with code base ▪ case study: porting existing applications to run inside SGX enclaves 4 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  5. Background 5 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  6. Background Software Guard Extensions ▪ implemented entirely CPU hardware ▪ exposed by instruction set extensions ▪ Enclave ▪ encrypted, process-like memory regions ▪ code, stack + heap memory ▪ decrypt memory when loading into CPU cache ▪ protected from being accessed by privileged code ▪ even from code in System Management Mode (SMM) and Direct Memory Access (DMA)

  7. Background Intel SGX Enclaves 7 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  8. Background Intel SGX Enclaves 8 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  9. Background Intel SGX Enclaves ▪ untrusted operating system ▪ scheduling & memory allocation ▪ setting up an enclave ▪ Enclave attestation ▪ each SGX-capable CPU has embedded cryptographic private key ▪ use this key + special group signature schema to attest state of Enclave ▪ remote attestation with “architectural enclaves” 9 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  10. Background Intel SGX Enclaves ▪ code in Enclaves may not execute certain calls ▪ calls that may case a VMEXIT, input/output instructions, calls requiring change of privilege levels ▪ multiple threads ▪ number must be statically defined ▪ maximum enclave size (memory) must be defined before initialization of Enclave 11 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  11. Enclave Development 12 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  12. Enclave Development Software Development Kit ▪ SDK provided by Intel ▪ Windows + Linux ▪ language support: C and C++ ▪ interface definition: Enclave Definition Language (EDL) ▪ trusted library: helper functions ▪ subset of standard C library (e.g. without file input/output) ▪ random number generation, cryptographic primitives, key exchange and data sealing ▪ debug mode: all protection mechanisms disabled ▪ simulation mode: if SGX hardware is absent ▪ complete authoring chain

  13. Enclave Development Enclave Definition Language ▪ trusted section ( E-call , enclave calls) ▪ proxies are generated for the untrusted wrapper ▪ untrusted section ( O-call , outside of enclave calls) ▪ proxies are generated for the enclave ▪ parameter marshalling ▪ direction of data flow ▪ pass-by-value (recommended) & pass-by-reference ▪ annotations (size, sizefunc, count) for pointer arguments 14 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  14. Enclave Development Enclave Definition Language 15 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  15. SGX Helper Library 16 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  16. SGX Helper Library ▪ enable easier and faster prototyping ▪ contains scripts and wrapper functions to make working with the SDK easier: ▪ Generation of O-call Proxies ▪ Error Code Handling ▪ Easy-to-Use Encryption ▪ Transparent Encryption of Input/Output ▪ available for public use: https://github.com/ftes/sgx-lib

  17. SGX Helper Library Generation of O-Call Proxies ▪ O-call proxies – shim inside Enclave to proxy calls to outside world ▪ provide trusted functions with original signature ▪ e.g. for directly linking against the C library implementation ▪ different signatures in EDL for calls with return values ▪ automate process of defining these proxies 18 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  18. SGX Helper Library Generation of O-Call Proxies ▪ SDK proxies deal with parameter handling ▪ untrusted library proxy delegates to the C library 19 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  19. SGX Helper Library Error Code Handling ▪ utility function to check return values ▪ looking up error codes scraped from Intel SDK’s sgx_error.h 20 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  20. SGX Helper Library Easy-to-Use Encryption ▪ some of SDK’s cryptography functions are cumbersome to use ▪ size of encrypted/sealed data not trivial to determine ▪ extensive wrapper for encryption 21 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  21. SGX Helper Library Transparent I/O Encryption ▪ transparent de- & encryption of input/output data – protects data operated on by legacy code without requiring any code modifications ▪ intercepting calls to C library for file input/output ▪ choose desired security level (at compile time) ▪ no security : plain file input/output ▪ encryption with custom key : use of symmetric encryption key ▪ data sealing (default): seals all input/output to the Enclaves identity 22 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  22. Case Study: KISSDB 23 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  23. Case Study: KISSDB ▪ hardening security of existing database management system using SGX ▪ interesting target for trusted computing ▪ stored data may be sensitive, requiring protection from the infrastructure, provider or other tenants ▪ avoid excessively complex code: KISSDB ▪ simple key/value store ▪ implemented in plain C using only file I/O functions ▪ https://github.com/adamierymenko/kissdb ▪ goal: protect data KISSDB operates on

  24. Case Study: KISSDB Design Decisions ▪ Enclave Design ▪ only move application code into enclave ▪ shim C library to utilize external host C library ▪ Scope of Enclaves ▪ no concurrency in KISSDB – one enclave per database ▪ Decomposition ▪ a single enclave used for all trusted functionality ▪ KISSB not sub-divided into trusted & non-trusted function and does not support data processing ▪ Unencrypted Metadata ▪ metadata (header, hash tables) is not protected 25 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  25. Case Study: KISSDB Design Decisions ▪ Iterators ▪ allows to iterating through all values, several iterators per database in parallel ▪ iterator data (page number and offset) stored outside of the Enclave ▪ Encryption vs. Sealing ▪ sealing: encryption with key derived from Enclaves identity ▪ (user) encryption: empower user to specify key 26 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  26. Case Study: KISSDB Design Decisions ▪ hardened KISSSB architecture: 27 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  27. Case Study: KISSDB Unresolved Issues ▪ attestation & key-provisioning ▪ attest enclave’s identity and perform key exchange in a production setting ▪ file integrity & freshness ▪ use of cryptographic mechanisms to ensure file integrity (e.g. monotonic counters provided by SDK) ▪ cryptographic hash function ▪ KISSDB does not use cryptographic hash function ▪ file layout ▪ deterministic file layout (known plain text attacks) 29 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  28. Related Work 30 Hardening Application Security using Intel SGX | QRS 2018 | Daniel Richter | July 17, 2018

  29. Enclave Design Alternatives ▪ library operating system inside enclave ▪ minimal enclave size with external C library ▪ untrusted system calls with internal C library

Recommend

Performant Security Hardening Steve Rutherford (srutherford@google.com) Googles

Performant Security Hardening Steve Rutherford (srutherford@google.com) Googles

Performant Security Hardening Steve Rutherford (srutherford@google.com) Googles Virtualization Security Team 1 Preface This talk is x86 and KVM centric 2 Outline Background Current Hardening Split Irqchip, PIT Prototype Hardening

884 views • 41 slides
Hurricane Hardening Hurricane Hardening Research Research Presentation to the Louisiana Public

Hurricane Hardening Hurricane Hardening Research Research Presentation to the Louisiana Public

Hurricane Hardening Hurricane Hardening Research Research Presentation to the Louisiana Public Service Commission May 4, 2007 Mark A. Jamison, PURC Director Leadership in Infrastructure Policy Leadership in Infrastructure Policy

487 views • 45 slides
Single Event Upset Hardening Single Event Upset Hardening by 'hijacking' the multi-VT by

Single Event Upset Hardening Single Event Upset Hardening by 'hijacking' the multi-VT by

Single Event Upset Hardening Single Event Upset Hardening by 'hijacking' the multi-VT by 'hijacking' the multi-VT flow during synthesis flow during synthesis Roland Weigand February 04, 2013 Design Automation Conference User Track European

394 views • 17 slides
Hardening Windows Applications Hardening Windows Applications olleB olle@toolcrypt.org The

Hardening Windows Applications Hardening Windows Applications olleB olle@toolcrypt.org The

www.toolcrypt.org Standing on the shoulders of the Blue Monster: Hardening Windows Applications Hardening Windows Applications olleB olle@toolcrypt.org The Toolcrypt Group www.toolcrypt.org www.toolcrypt.org Agenda Agenda Introduction

532 views • 32 slides
Anil Kurmus kur@zurich.ibm.com IBM Research - Zurich Outline 1. Background Hardening Kernel

Anil Kurmus kur@zurich.ibm.com IBM Research - Zurich Outline 1. Background Hardening Kernel

September 2016 BalCCon 2k16 Kernel Exploitation and Hardening Why we could have nice things! (using Split Kernel) Anil Kurmus kur@zurich.ibm.com IBM Research - Zurich Outline 1. Background Hardening Kernel Vulnerabilities Kernel

1.07k views • 39 slides
Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2 Michael Boelen

Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2 Michael Boelen

Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2 Michael Boelen 3 Linux security Areas Core Resources Services Environment System Hardening Boot Process Accounting Database Forensics Containers

821 views • 34 slides
Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot gray inc. @dotgray Sunday, March 15, 15 Resources Codex.WordPress.org / Hardening_WordPress Blog.Sucuri.net / WordPress Security WPSecure.net /

608 views • 32 slides
Hardening the Firefox browser Preventing unwanted background traffic to Google, Pocket and hidden

Hardening the Firefox browser Preventing unwanted background traffic to Google, Pocket and hidden

Hardening the Firefox browser Preventing unwanted background traffic to Google, Pocket and hidden telemetry to Mozilla Per Foyer per@foyer.se 10 10 Cryptoparty 201911-R1 Hardening Firefox: Method To harden Firefox we need to: 1. Adjust

470 views • 14 slides
Vacuum: 12GeV Hardening Anthony DiPette Installation / Vacuum Group Leader 7/16/2015 Vacuum:

Vacuum: 12GeV Hardening Anthony DiPette Installation / Vacuum Group Leader 7/16/2015 Vacuum:

Vacuum: 12GeV Hardening Anthony DiPette Installation / Vacuum Group Leader 7/16/2015 Vacuum: 12GeV Hardening Vacuum Improvements & Status Synchrotron Radiation Effects Vacuum Spares Page 2 Vac Improvements - Linac Viewer

309 views • 13 slides
Hardening PHP - Some basic security measures. Antonio Bonifati

Hardening PHP - Some basic security measures. Antonio Bonifati

Hardening PHP - Some basic security measures. Antonio Bonifati <http://ninuzzo.freehostia.com> ABSTRACT A summary of the most important PHP settings aimed at improving security of PHP web servers. Whenever you have to harden a PHP

615 views • 5 slides
Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos

Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos

Practical Password Hardening based on TLS Constantinos Diomedous and Elias Athanasopoulos University of Cyprus 1 How authentication works today? 2 How web services protect passwords? Cryptographically secure hash functions One way

538 views • 22 slides
A brief presentation of ASELT In Process Control . The HBU induction heating for hardening needs

A brief presentation of ASELT In Process Control . The HBU induction heating for hardening needs

ASELT srl Montebello Vicentino (VI) A brief presentation of ASELT In Process Control . The HBU induction heating for hardening needs to be monitored very strictly in order to reach a product in conformance. The ASELT IPC is a new generation

450 views • 9 slides
A totally new approach to measuring the degree of hardening of UV cured resins AcroEdge Co., Ltd

A totally new approach to measuring the degree of hardening of UV cured resins AcroEdge Co., Ltd

A totally new approach to measuring the degree of hardening of UV cured resins AcroEdge Co., Ltd C.E.O. Kenichi Nakamune Non-contact Non-destructive Even when samples are inserted in glass or film, such as film bonding with UV curing resin,

188 views • 7 slides
Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary

Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary

Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary services is called hardening a router to prevent attacks or exploits. The basic steps of router hardening are: 1) Administratively shut down

102 views • 8 slides
Hardening your systems against litigation Alexander Muentz, Esq LISA '07 Overview Why

Hardening your systems against litigation Alexander Muentz, Esq LISA '07 Overview Why

Hardening your systems against litigation Alexander Muentz, Esq LISA '07 Overview Why litigation should be considered an IT risk Overview of litigation How you can help or hurt Some examples What works and doesn't work Your logo here 2

706 views • 22 slides
Securing your in-ear fitness coach: Challenges in hardening next generation wearables Kavya

Securing your in-ear fitness coach: Challenges in hardening next generation wearables Kavya

Securing your in-ear fitness coach: Challenges in hardening next generation wearables Kavya Racharla Sumanth Naropanth Who are we? Kavya Racharla Security Research Manager Sports Group, Intel Oracle & Qualcomm

826 views • 48 slides
Managing and Hardening Snow Leopard: Policies for Use in Education Doug Brown Redlands College

Managing and Hardening Snow Leopard: Policies for Use in Education Doug Brown Redlands College

Managing and Hardening Snow Leopard: Policies for Use in Education Doug Brown Redlands College XW11 Overview Standard Operating Environment Configuration Settings Restrictions Deployment Issues Adobe Suite Logic and

410 views • 30 slides
Aid for Trade in 2012: Increasing Volumes Hardening Terms CTD Session on Aid for Trade WTO, 9

Aid for Trade in 2012: Increasing Volumes Hardening Terms CTD Session on Aid for Trade WTO, 9

Aid for Trade in 2012: Increasing Volumes Hardening Terms CTD Session on Aid for Trade WTO, 9 April 2014 Frans Lammersen, OECD Aid for Trade in 2012 OUTLINE How much Aid for Trade was committed and disbursed? What does it support?

383 views • 17 slides
Operating System Hardening Vulnerabilities Unique vulnerabilities for: Different

Operating System Hardening Vulnerabilities Unique vulnerabilities for: Different

Operating System Hardening Vulnerabilities Unique vulnerabilities for: Different operating systems Different vendors Client and server systems Vendors try to correct Attackers try to exploit Security professionals must

620 views • 11 slides
WMATA Flood Hardening Introduction Jim Ashe Manager, Environmental Planning and Compliance 1

WMATA Flood Hardening Introduction Jim Ashe Manager, Environmental Planning and Compliance 1

WMATA Flood Hardening Introduction Jim Ashe Manager, Environmental Planning and Compliance 1 WMATA Assets in the Federal Triangle area Escalator and Elevators entrances 2 Completed Projects Flood Emergency Response Plan Georgia

226 views • 6 slides
ZigZag: Automa,cally Hardening Web Applica,ons Against Client- side Valida,on Vulnerabili,es

ZigZag: Automa,cally Hardening Web Applica,ons Against Client- side Valida,on Vulnerabili,es

ZigZag: Automa,cally Hardening Web Applica,ons Against Client- side Valida,on Vulnerabili,es PRESENTED BY SAI TEJ KANCHARLA Content Introduc,on Mo,va,on And Threat Model System Overview Invariant Detec,on Invariant

549 views • 26 slides
PASS : Strengthening and Democratizing Enterprise Password Hardening Ari Juels Jacobs

PASS : Strengthening and Democratizing Enterprise Password Hardening Ari Juels Jacobs

PASS : Strengthening and Democratizing Enterprise Password Hardening Ari Juels Jacobs Technion-Cornell Institute Cornell Tech with D. Akhawe (Dropbox). A. Athalye (MIT), R. Chatterjee (Cornell), A. Everspaugh (UWisc), T. Ristenpart (Cornell

642 views • 36 slides
Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux

Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux

Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux Kernel Widespread Deployed on: powerful (high performance compute clusters) sensitive (bank, gov. systems, ..) safety critical

995 views • 29 slides
Correction and Preprocessing Methods Veselin Dikov 1. Beam hardening 1.1. The phenomena Photon

Correction and Preprocessing Methods Veselin Dikov 1. Beam hardening 1.1. The phenomena Photon

Moscow-Bavarian Joint Advanced Student School 19-29 March 2006, Moscow, Russia Correction and Preprocessing Methods Veselin Dikov 1. Beam hardening 1.1. The phenomena Photon ratio by monochromatic beam = N N exp ( x

336 views • 5 slides

More recommend