Sponge-Based Control-Flow Protection for IoT Devices
Werner, Unterluggauer, Schaffenrath, Mangard
25th April 2018, London
Graz University of Technology

Motivation and Context

Logical Attacks
• Exploit software and design bugs
• Mounted via external interfaces
• Applicable via the Internet
• Attack techniques:
  • Code: code injection, ret2libc, ROP, JOP
  • Data: DOP
• Countermeasures:
  • Correct software
  • SW: W ⊕ X, ASLR, CFI, CPI, DFI, WIT
  • HW: processor privilege levels and access control

Physical Attacks
• Tamper with the operating conditions to induce faults
• Exploit the physical access to a device
• Mostly local exploitation (IoT, cloud)
• Huge portfolio of attacks [BDL97] and countermeasures for crypto [Bar+04]
• Only little work on protecting processors [Cle+16]
• Prominent example: Xbox 360 reset glitch hack

Contribution
• Sponge-based Control-Flow Protection (SCFP)
  • Hardware-supported Control-Flow Integrity (CFI) scheme
  • Encrypts the instruction stream with instruction granularity
  • Protects against logical and physical attacks
• Present and analyze two suitable sponge constructions
• Discuss three SCFP instantiations (IE, AEE, AEE-Light)
• Evaluate AEE-Light in a RISC-V processor
  • 9.1 % runtime overhead
  • 19.8 % code size overhead

Why Control-Flow Integrity?
    unsigned pin = read_pin();
    bool auth = check_pin(pin);
    if( auth ) {
        open_door();
    } else {
        raise_alarm();
    }
    log_event();
[Figure: control-flow graph with the nodes main, read_pin, check_pin, open_door, raise_alarm and log_event; one build of the slide marks an "attack" edge. The final build labels the code regions: check condition, perform action, handle error, continue.]

Why Control-Flow Integrity?
    check_auth:
        // auth in x1 (0 if authentic)
        BNE x0, x1, not_authenticated
    authenticated:
        // open door
        // ...
        J next
    not_authenticated:
        // raise_alarm
    next:
        // log event
Two builds of this slide show the branch instruction altered:
    BEQ x0, x1, not_authenticated
    BNE x0, x0, not_authenticated

SCFP Concept

High-Level Concept
[Figure: processor block diagram with the pipeline stages Fetch, Decode, Execute, Memory and Write Back, the register file, I-Cache and D-Cache, and memory (RAM/Flash). Later builds add an SCFP stage to the pipeline and then a State block.]

Decryption/Execution Example
The builds of this slide decrypt the code of strcmp one instruction at a time. The last build shown reads as follows (encrypted words taken from the first build):
    state        encrypted   decrypted     instruction
    0x1b2a0645                             strcmp:
    0xdd3fbcce   ecd0ee97    03 06 05 00   lb a2, 0(a0)
    0xf5a92604   28ce7780    83 86 05 00   lb a3, 0(a1)
    0x58c04f0a   754164b1    5b 0c 06 00   beqz a2, 24
    0x58c04f0a
    0xe70771a6   4bf45175    13 05 15 00   addi a0, a0, 1
    0x5b26165e   d9a602ad    93 85 15 00   addi a1, a1, 1
                 517d3443
    0x58c04f0a
                 4d1bc00f
                 a30f213e
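
An added example (not from the slides or from the SCFP authors): a toy duplex-sponge model of the instruction-granular decryption shown above, in which each word is decrypted with a state that depends on every word fetched before it. The SHA-256-based `permute`, the 64-bit rate/capacity split, the key and the entry state are assumptions and do not reproduce the IE, AEE or AEE-Light constructions.

```python
import hashlib

RATE = 0xFFFFFFFF              # low 32 bits: one RV32 instruction per step
CAPACITY = 0xFFFFFFFF00000000  # high 32 bits: never XORed into memory words

def permute(state, key):
    """Toy keyed 64-bit mixing step standing in for the sponge permutation."""
    digest = hashlib.sha256(key + state.to_bytes(8, "little")).digest()
    return int.from_bytes(digest[:8], "little")

def absorb(state, cipher_word, key):
    """Overwrite the rate with the ciphertext word, then permute."""
    return permute((state & CAPACITY) | cipher_word, key)

def encrypt(words, state, key):
    """Toolchain side: encrypt instructions along one straight-line path."""
    out = []
    for word in words:
        out.append(word ^ (state & RATE))
        state = absorb(state, out[-1], key)
    return out

def decrypt(cipher_words, state, key):
    """Fetch side: decrypt each word with the state left by its predecessors."""
    out = []
    for cipher_word in cipher_words:
        out.append(cipher_word ^ (state & RATE))
        state = absorb(state, cipher_word, key)
    return out

# Constructed key and entry state (assumptions). The instruction words are the
# decrypted bytes shown on the slide, read as little-endian RV32 words.
KEY = b"constructed-demo-key"
ENTRY_STATE = 0x0123456789ABCDEF
PROGRAM = [0x00050603, 0x00058683, 0x00150513, 0x00158593]
CIPHER = encrypt(PROGRAM, ENTRY_STATE, KEY)

def in_order():
    """Intended path: every word decrypts to the original instruction."""
    return decrypt(CIPHER, ENTRY_STATE, KEY)

def wrong_entry():
    """Execution entering at word 2 without the state left by words 0 and 1."""
    return decrypt(CIPHER[2:], ENTRY_STATE, KEY)

def flipped_bit():
    """One bit of stored word 1 changed: later words see a different state."""
    tampered = [CIPHER[0], CIPHER[1] ^ 0x80, CIPHER[2], CIPHER[3]]
    return decrypt(tampered, ENTRY_STATE, KEY)
```

In this toy model the tampered word itself changes only in the flipped bit; the model covers the state chaining only, not any integrity check on the decrypted instruction.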