provably secure execution platforms lecture four a simple
play

Provably Secure Execution Platforms - Lecture Four: A Simple - PowerPoint PPT Presentation

Mar 05, 2023 •468 likes •1.16k views

Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its Verification Mads Dam KTH Royal Institute of Technology BISS spring school, Bertinoro 2018 The Goal Hypervisor Context switch: Fixed round-robin

  1. Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its Verification Mads Dam KTH Royal Institute of Technology BISS spring school, Bertinoro 2018

  2. The Goal Hypervisor • Context switch: Fixed round-robin scheduling, assume two guests, statically allocated • Asynchronous message passing through hypercall (swi) • Paravirtualization Dam, Guanciale, Khakpour, Nemati, Schwarz: Formal Verification of Information Flow Security for a Simple ARM-Based Separation Kernel, CCS’13

  3. Kernel Basics Q: What is a kernel? A: A set of event handlers and some data structures for support Three types of events: • Exceptions – arise as result of a processor error conditions • Software interrupts – arise when a user program wants to invoke some service • Hardware interrupts – Arise when a piece of hardware (e.g. USB device, NIC, …) wants to invoke some service

  4. Kernel Basics Upon an event a handler routine is invoked, user state stored on stack and privilege level is raised Upon return user state is restored – In some suitable form Parameters transferred in registers – When applicable … Results returned in registers – When applicable … During handler execution, exceptions and interrupt may be disabled or not – Non-preemptive kernel: No nesting of interrupts Our kernel is preemptive

  5. Ideal Model Describes the abstract functionality of the system, here: • CPUs are virtual, with only user level functionality • All privileged execution replaced by ideal handlers • CPUs are ”physically separated” • Only communication between CPU CPU guests through communication and instruction cycle counting

  6. Ideal Model Context switching: • Only one of user CPUs active at any time Sending a message: • Hypercall swi 1 causes content of reg 0 to be written to msgbox Receiving a message: • If msgbox full on switch to receiver, CPU CPU instead of restoring receiver invoke user level handler Restoring receiver: • Once message processing done invoke swi 0 to restore receiver

  7. Ideal Model: Scheduling Scheduler Sender Receiver Scheduling round : Normal sender execution : Message processing : Send hypercall : Resume hypercall : Normal receiver execution

  8. Ideal Model Ideal model state: : User CPU states • : Messaging data structures • : Elapsed time • : Activity flag • Messaging data structures: : Indicates if guest i is ready to receive a message • : User context pointer used to switch • between message processing and normal execution : message box •

  9. Records and Contexts Context fields are stored consecutively in memory is field accessor is field update Also use tuple notation: •

  10. Ideal Model, Initial State Initial state : : Initial states with • – Registers zeroed initialized to make the user address spaces – disjoint and not contain the vector jump addresses suitably initialized within user address space – initialized to suitably large number (return to that) – • Message data structures initialized with , for suitable • • These are defined later

  11. Ideal Model, Transitions User step: User step, symmetric case: Many symmetric cases below, mostly omitted

  12. Ideal Model, Transitions Guest switch, message processing in progress: • : Pop context from stack, return to user mode • : Fixed number of cycles for handler, to be set later • • Similar transition rule for

  13. Ideal Model, Transitions Guest switch, no message pending: • cycles for handler • • Similar transition rule for

  14. restoreUser, restoreCtx Some helper functions: • • •

  15. Ideal Model, Transitions Guest switch, receive message: • , : • Entry points for guest 0/guest 1 message handlers •

  16. Ideal Model, Transitions Guest resume: • • + symmetric rule, as always

  17. Ideal Model, Transitions Guest send: • • + symmetric rule • Note: Up to guests to implement flow control

  18. Ideal Model, Exercises Exercise 1: Convince yourself that the transition semantics makes sense by mentally executing a few simple scenarios (and report to me any bugs you find!) Exercise 2: Prove some simple sanity properties, such as: • For any reachable state (state reachable from the initial state): – At most one of is in privileged state – If is in privileged state then ’s program counter is jump vector address – Stack pointers differ from their initial values only when one of the guests are in privileged state • To prove such properties use a suitable invariant

  19. Ideal Model, Exercises Exercise 3: Does the transition semantics pose any constraints on the choice of ? Exercise 4 (harder): Devise a ”single-sided” semantics in which only one guest is executing, sending and receiving data through transition labelled IO. States would have the shape . For transitions we would have a user transition: For privileged transitions, e.g.:

  20. Ideal Model, Exercises Exercise 4, continued: Show that for each trace of the ideal system there exists a corresponding pair of traces in the single-sided system such that the sequence of words exchanged in the ideal system trace corresponds to the sequence of words input, respectively output, in the single-sided trace.

  21. Ideal Model, Exercises Exercise 5: Propose an ideal model transition rule for exceptions. You may assume a pair of guest exception handler entry points fooo , . The exception handler needs to receive as parameter in register 0 the address of the offending instruction.

  22. Real Model Task: • Use only single processor • No ideal functionality (the handlers) • Handlers explicitly represented as code executing at privileged level • Data structures (e.g. channels, stacks) to be Hypervisor explicitly represented in memory • Code store in memory

  23. Memory Layout Two partitions/guests Execute in disjoint memory regions • Guest is active when Kernel memory regions • Vector region – Contains exception and interrupt jump addresses Kernel region • – Contains kernel code and data structures ,…: Kernel addresses holding the corresponding values

  24. Guest Memory Guest entry points: – – Guest message handlers: – – Guest exception handlers: – –

  25. Kernel Region: Task Switching Contexts: ref /* ”Normal” context for guest 0 – ref /* Do. For guest 1 –

  26. Kernel Region: Stacks Stack roots: – – Size? – – Each stack assigned a memory region with delimiters in: – – – –

  27. Kernel Region: Channels Channels: – /* ? /* Resume context – –

  28. Kernel Region: Handlers In kernel memory: – – – – – In vector region: – – – –

  29. Initialisation Processor initialised with: – Register 0,…,3, mode, time zeroed – – , ??? – , – – • as processor, but with , • • • • • •

  30. Handlers • Handlers are now executed on the ”real” machine, using the transition rules of lecture 3 • Handler tasks: – Extract state information: • Which guest? Not trivial since irq’s/exception’s can be nested. Use the stack pointer memory region. • Which state? Need to figure some state information to determine what action to take. – Update state: Channels, contexts – Prepare stack – Return from exception loads registers including pc in one atomic (!) step

  31. Handlers Show irq_entry.pseudo, swi1_entry (mask). (Find them in the course directory) Exercise 6. Give similar pseudo-code implementations of the other handlers. Exercise 7. Find a suitable Hoare-style specification of the irq_entry routine. Use weakest preconditions to show that it holds, under the assumption that it is never preempted.

  32. Handlers Exercise 8. t_sw1, t_sw2, t_rcv, t_res, t_send: The ideal model transition rules leave these numbers unspecified. Explain how to calculate them, and estimate t_rcv. Exercise 9. t_max: We have also left t_max unspecified. Propose a lower bound. Exercise 10. Stacks: Stacks can grow in an unbounded fashion in pathological cases. Present a simple condition that will prevent stacks from growing larger than 2|ctx|.

  33. Verification Goal: – Want to prove that, when running on top of the kernel, the two guest systems do not interfere in unintended ways. – What does ”interfere” mean? – What does ”in unintended ways” mean? Hypervisor

  34. Noninterference Proposal #1: Noninterference Can adapt definition of noninterference mod system variables, lecture 2, in the following way: • Variables: – High variables – content of guest 1 memory – System variables – content of kernel memory – Low variables – content of guest 0 memory • Observations: When is a guest active? – Content of low memory + activity of guest • Recapping: – Kernel (content of kernel memory) is NI, if whenever started in states s_0,s_1 for which kernel and low variables are identical, the observations are the same

Recommend

Provably Secure Execution Platforms - Lecture One: Introduction Mads Dam KTH Royal Institute

Provably Secure Execution Platforms - Lecture One: Introduction Mads Dam KTH Royal Institute

Provably Secure Execution Platforms - Lecture One: Introduction Mads Dam KTH Royal Institute of Technology Thanks to Roberto Guanciale, Musard Balliu, Christoph Baumann, Hamed Nemati, Oliver Schwarz, Victor Do, Christian Gehrmann, Jonas

1.41k views • 114 slides
Provably secure hash functions - do we care? Krystian Matusiewicz Technical University of Denmark

Provably secure hash functions - do we care? Krystian Matusiewicz Technical University of Denmark

Computational Complexity Provably-secure constructions Problems with provably-secure constructions Attempts at practical constructions Provably secure hash functions - do we care? Krystian Matusiewicz Technical University of Denmark Quo Vadis

874 views • 20 slides
Provably secure compilation of side-channel countermeasures: the case of cryptographic

Provably secure compilation of side-channel countermeasures: the case of cryptographic

Provably secure compilation of side-channel countermeasures: the case of cryptographic constant-time Gilles Barthe Benjamin Grgoire Vincent Laporte CSF18, 2018-07-12 Vincent Laporte et alii Provably secure compilation of

501 views • 25 slides
Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work with Alessandro Chiesa Eli Ben-Sasson Daniel Genkin 1 Technion Cryptoday June 16, 2011 Motivation 3 Motivation INTEGRITY CONFIDENTIALITY

725 views • 50 slides
Towards a Provably Secure DoS-Resilient Key Exchange Protocol with PFS 1 L. Kuppusamy * J.

Towards a Provably Secure DoS-Resilient Key Exchange Protocol with PFS 1 L. Kuppusamy * J.

Introduction Contributions Conclusion Towards a Provably Secure DoS-Resilient Key Exchange Protocol with PFS 1 L. Kuppusamy * J. Rangasamy * D. Stebila * C. Boyd * J.M. Gonzlez Nieto * * Information Security Institute Queensland

943 views • 22 slides
Advanced Tools from Modern Cryptography Lecture 12 MPC: UC-secure OT UC-Secure OT UC-secure

Advanced Tools from Modern Cryptography Lecture 12 MPC: UC-secure OT UC-Secure OT UC-secure

Advanced Tools from Modern Cryptography Lecture 12 MPC: UC-secure OT UC-Secure OT UC-secure OT is impossible (even against PPT adversaries) in the plain model (i.e., without the help of another functionality) But possible from simple

527 views • 16 slides
Provably Secure Higher-Order Masking of AES Matthieu Rivain Emmanuel Prouff CryptoExperts

Provably Secure Higher-Order Masking of AES Matthieu Rivain Emmanuel Prouff CryptoExperts

Provably Secure Higher-Order Masking of AES Matthieu Rivain Emmanuel Prouff CryptoExperts Oberthur CHES 2010, Santa Barbara, Aug. 20 th CHES 2010 Provably Secure Higher-Order Masking of AES Outline 1 Introduction Higher-Order

1.1k views • 77 slides
Threshold Implementations Svetla Nikova Threshold Implementations A provably secure

Threshold Implementations Svetla Nikova Threshold Implementations A provably secure

Threshold Implementations Svetla Nikova Threshold Implementations A provably secure countermeasure Against (first) order power analysis based on multi party computation and secret sharing 2 Outline Threshold Implementations

990 views • 58 slides
Provably Secure Key Assignment Schemes from Factoring Eduarda S. V. Freire and Kenneth G.

Provably Secure Key Assignment Schemes from Factoring Eduarda S. V. Freire and Kenneth G.

Provably Secure Key Assignment Schemes from Factoring Eduarda S. V. Freire and Kenneth G. Paterson Information Security Group Royal Holloway, University of London Outline of the Talk Hierarchical Key Assignment Schemes Definition of

802 views • 48 slides
ObliviAd : Provably Secure and Practical Online Behavioral Advertising [IEEE S&P 12]

ObliviAd : Provably Secure and Practical Online Behavioral Advertising [IEEE S&P 12]

ObliviAd : Provably Secure and Practical Online Behavioral Advertising [IEEE S&P 12] Michael Backes 1 , 2 Aniket Kate 1 Matteo Maffei 2 Kim Pecina 2 1 MPI-SWS, Germany 2 Saarland University, Germany Tracking in the Advertising World Today

744 views • 35 slides
Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocatjon Sazzadur

Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocatjon Sazzadur

PETS 2017 The 17th Privacy Enhancing T echnologies Symposium July 1821, 2017 Minneapolis, MN, USA Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocatjon Sazzadur Rahaman 1 , Long Cheng 1 , Danfeng (Daphne)

650 views • 18 slides
Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop

Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop

Provably Secure Machine Learning Jacob Steinhardt ARO Adversarial Machine Learning Workshop September 14, 2017 Why Prove Things? Attackers often have more motivation/resources than defenders Heuristic defenses: arms race between attack and

738 views • 52 slides
Efficient and Provably Secure Methods for Switching from Arithmetic to Boolean Masking Blandine

Efficient and Provably Secure Methods for Switching from Arithmetic to Boolean Masking Blandine

Efficient and Provably Secure Methods for Switching from Arithmetic to Boolean Masking Blandine Debraize Leuven, September 10th, 2012 I NTRODUCTION 1 K NOWN TABLE - BASED METHODS 2 C ORON -T CHULKINE METHOD N EISSE -P ULKUS METHOD 3 C

413 views • 28 slides
Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint work with: Ivan De Oliveira Nunes 1 , Karim Eldefrawy 2 , Norrathep Rattanavipanon 1 University of California Irvine 1 , SRI International 2 1 In

847 views • 48 slides
Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis Matthieu

Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis Matthieu

8 + Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis Matthieu Rivain 1 , 2 , Emmanuelle Dottax 1 & Emmanuel Prouff 1 Oberthur Card Systems University of Luxembourg February 11, 2008 M. Rivain, E.

812 views • 64 slides
On the Need for Provably Secure Distance Bounding Serge Vaudenay COLE POLYTECHNIQUE

On the Need for Provably Secure Distance Bounding Serge Vaudenay COLE POLYTECHNIQUE

On the Need for Provably Secure Distance Bounding Serge Vaudenay COLE POLYTECHNIQUE FDRALE DE LAUSANNE http://lasec.epfl.ch/ SV 2012 distance bounding CIoT 2012 1 / 39 Introduction to Distance-Bounding 1 Some Insecurity Case

600 views • 39 slides
Provably Secure Camouflaging Strategy for IC Protection Meng Li 1 Kaveh Shamsi 2 Travis Meade 2

Provably Secure Camouflaging Strategy for IC Protection Meng Li 1 Kaveh Shamsi 2 Travis Meade 2

Provably Secure Camouflaging Strategy for IC Protection Meng Li 1 Kaveh Shamsi 2 Travis Meade 2 Zheng Zhao 1 Bei Yu 3 Yier Jin 2 David Z. Pan 1 1 Electrical and Computer Engineering, University of Texas at Austin 2 Electrical and Computer

683 views • 35 slides
S Q R L S ecure Q uick R eliable L ogin A simple, straightforward, open, intellectual property

S Q R L S ecure Q uick R eliable L ogin A simple, straightforward, open, intellectual property

S Q R L S ecure Q uick R eliable L ogin A simple, straightforward, open, intellectual property unencumbered, easily explained, provably secure, pseudonymous, 2-party, web domain based, authenticated identity solution, including complete identity

840 views • 38 slides
Constructing Provably-Secure Identity-Based Signature Schemes Chethan Kamath Indian Institute of

Constructing Provably-Secure Identity-Based Signature Schemes Chethan Kamath Indian Institute of

Overview Background Galindo-Garcia IBS GG-IBS, Improved Transformation Conclusion Constructing Provably-Secure Identity-Based Signature Schemes Chethan Kamath Indian Institute of Science, Bangalore November 23, 2013 Overview Background

1.76k views • 77 slides
Preliminary Study of Trusted Execution Environments on Heterogeneous Edge Platforms Zhenyu Ning,

Preliminary Study of Trusted Execution Environments on Heterogeneous Edge Platforms Zhenyu Ning,

Preliminary Study of Trusted Execution Environments on Heterogeneous Edge Platforms Zhenyu Ning, Jinghui Liao, Fengwei Zhang, Weisong Shi COMPASS Lab Wayne State University October 27, 2018 1 Outline Introduction Trusted Execution

607 views • 40 slides
Mode-suppression A simple and provably stable chunk sharing algorithm for P2P networks Srinivas

Mode-suppression A simple and provably stable chunk sharing algorithm for P2P networks Srinivas

1 Mode-suppression A simple and provably stable chunk sharing algorithm for P2P networks Srinivas Shakkottai Texas A&M University Joint work with Vamseedhar Reddyvari (TAMU) and Parimal Parag (IISc) Peer to Peer Network 2 v P2P network

261 views • 24 slides
Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in the Quantum Era (SPS G5448) February 5th, 2020 Christian Colombo Mark Vella Cryptographic Protocols Design Proofs to validate design against

467 views • 20 slides
Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message Transmission Schemes Yvo Desmedt 1 , 2 Stelios Erotokritou 1 Reihaneh Safavi-Naini 3 1 Department of Computer Science University College London, UK 2

459 views • 33 slides
Compositional Verification of Security Properties for Embedded Execution Platforms Christoph

Compositional Verification of Security Properties for Embedded Execution Platforms Christoph

Compositional Verification of Security Properties for Embedded Execution Platforms Christoph Baumann , Oliver Schwarz , Mads Dam KTH Royal Institute of Technology, Stockholm, Sweden RISE.SICS, Kista, Sweden cbaumann@kth.se

903 views • 65 slides

More recommend