
The Promises and Pitfalls of Hardware-Assisted Security

Alexandra Dmitrienko, Julius-Maximilians-Universität Würzburg, alexandra.dmitrienko@uni-wuerzburg.de

SEPTEMBER 9 – 13, 2019, CROSSING Summer School on Sustainable Security & Privacy


  1. SGX SDK and The Guard’s Dilemma [Biondo et al., USENIX Security 2018]
     • tRTS is not randomized by SGX-Shield
     • It cannot be randomized due to architectural specifics
     • E.g., enclave functions are invoked using fixed pre-defined entry points
     • Contributions by Biondo et al.:
       - show that tRTS has enough gadgets to mount ROP
       - develop new techniques that do not require enclave crashes
       - new techniques do not require kernel privileges from an attacker

  2. Leaky SGX

  3. Side-Channel Attack: General Principle
     [Figure: Entity 1 and Entity 2 inside a System, with an Attacker and a Victim; arrows labelled Observe and Utilize]

  9. Page Fault Attacks on SGX
     • Granularity: page 4K, good for big data structures
     • Original vs. recovered data shown in the figure [Xu et al., IEEE S&P’15]
     • Single-trace RSA key recovery from RSA key generation procedure of Intel SGX SSL via controlled-channel attack on the binary Euclidean algorithm (BEA) [Weiser et al., AsiaCCS’18]
     • EPC: Enclave Page Cache, PT: Page Tables, PF: Page-Fault
     [Figure: Enclave 1, Enclave 2, App 1, App 2, App 3; OS with PT and PF Handler; IRQ; CPU; RAM with EPC]

  14. Cache Attacks on SGX: Hack in The Box
     • EPC: Enclave Page Cache
     [Figure: Enclave 1, Enclave 2, App 1, App 2, App 3; CPU Cache; RAM with EPC; arrows labelled "uses" and "observe, e.g., by Prime & Probe"]

  17. Prime + Probe
     • Prime (t0): for each cline Z: write(Z)
     • Victim (t1): if (keybit[i] == 0) read(X) else read(Y)
     • Probe (t2): for each cline Z: read(Z), measure_time(read)
     • Result: cache line 2 was used by victim
     [Figure: state of cache lines 0 to 5 at t0, t1 and t2]

  22. How to measure the time difference?
     • #1: Time Stamp Counter (TSC)
       - Not precise enough to reliably distinguish the difference between L1 vs. L2 hits
       - Reading the time stamp counter by itself suffers from noise
     • #2: Counting thread
       - a thread that only performs a loop that constantly increments a value (basically a timer)
       - Slows down the victim, can be detected
     • #3: Performance Monitoring Counter (PMC)
       - can be configured to count different events: executed cycles, cache hits or cache misses for the different caches, mis-predicted branches, etc.
       - Anti Side-channel Interference (ASCI) feature: can be configured to disable thread-specific performance monitoring of enclaves

  23. Side-Channel Grand Challenge: Noise
     • Operating System and any other software running on the platform generate noise
     • Even attacker’s own code pollutes the cache
     • cl0 and cl2 were used… by the victim?
     [Figure: cache lines cl 0, cl 1, cl 2 across the phases Prime, Other Process, Victim, Probe at times t_k, t_l, t_m, t_n]

  29. Cache Attacks on SGX
     • Use CPU internal caches to infer control flow [Lee et al., Usenix Sec’17] & [arXiv:1611.06952]
     • Prime + probe attack from malicious OS extracting genome data [Brasser et al., WOOT’17]
     • Use standard prime + probe to detect key dependent memory accesses, interrupt enclave [Moghimi et al., arXiv:1703.06986]
     • Use prime + probe to extract key from synchronized victim enclave [Götzfried et al., EuroSec’17]
     • A malicious enclave prime + probes another enclave, evading detection [Schwarz et al., DIMVA’17 & arXiv:1702.08719]
     • EPC: Enclave Page Cache, SMT: Simultaneous Multithreading
     [Figure: App 2, App 3, Enclave 1, Enclave 2; OS; CPU core with two SMT threads, Level 1 cache and Branch Pred.; Level 2; Level 3; RAM with EPC]

  34. SGX Side-Channel Attacks Comparison

     | Attack | Attack Type | Observed Cache | Interrupting Victim | Time Measurement | Attacker Code | Attacked Victim |
     |---|---|---|---|---|---|---|
     | Lee et al. | Branch Shadowing | BTB / LBR | Yes | Execution Timing | OS | RSA & SVM classifier |
     | Moghimi et al. | Prime + Probe | L1(D) | Yes | TSC | OS | AES |
     | Götzfried et al. | Prime + Probe | L1(D) | No | PCM | OS | AES |
     | Our Attack | Prime + Probe | L1(D) | No | PCM | OS | RSA & Genome Sequencing |
     | Schwarz et al. | Prime + Probe | L3 | No | Counting Thread | Enclave | AES |

     PCM: Performance Counter Monitor, BTB: Branch Target Buffer, LBR: Last Branch Record, TSC: Time Stamp Counter

  35. Our Attack [Brasser et al., WOOT’17]
     • Uninterrupted execution
       - Attacker assigns victim and attacker code to the same core, all other tasks to others
       - Attacker assigns victim and attacker code to different SMT threads
       - Monitors only one cache set per execution to increase measurement resolution
     • Reducing noise
       - Use kernel sysfs interface to assign interrupts to other cores
       - Timer interrupt (per thread) cannot be reassigned
       - Lowered timer frequency to 100Hz (i.e., every 10ms)
     • Prime+Probe attack using L1 data cache
       - Eviction detection using Performance Counter Monitor (L1D_REPLACEMENT)
       - Anti Side-Channel Interference (ASCI) not effective, monitoring cache events of attacker possible
     • PCM: Performance Counter Monitor, SMT: Simultaneous Multithreading, APIC: Advanced Programmable Interrupt Controller
     [Figure: Processes 1, 2, … n, m, m+1 with Attacker and Victim; OS with interrupt Handlers and Probe; SMT threads, APIC, PCM and L1 caches of Core 0 … Core n]

  44. Our Attack Use-Cases [arXiv:1702.07521] [Brasser et al., WOOT 2017]
     • Attacking open source k-mer analysis tool PRIMEX [Lexa et al., Bioinformatics 2003]
       - Extracting genome sequences
     • Attacking RSA implementation from the Intel IPP crypto library in the Intel SGX SDK
       - Extracting 2048-bit RSA decryption key

  45. Extracting RSA decryption key

  46. RSA Key Exfiltration: Victim Enclave
     • RSA Decryption: $m = c^d \pmod{N}$
     • Secret-dependent memory access!

  49. Fixed-size Sliding Window Exponentiation
     • Exponent $e = (e_j, e_{j-1}, \ldots, e_0)$
     • Multiplier Table g in the L1 Cache: Multiplier 1 (Set 13, Set 14), Multiplier 2 (Set 15, Set 16), Multiplier 3 (Set 17, Set 18), …, Multiplier 15 (Set 41, Set 42)
     [Figure: exponent windows e_j, e_{j-1}, e_{j-2}, e_{j-3}, …, e_0 shown as 4-bit values 0110 1111 0001 0011 1011, each selecting an entry of the multiplier table]

  53. Attack Result
     • 2048-bit Chinese Remainder Theorem RSA key
     • Only 300 decryptions to leak 70% of key bits
     • Enough to recover key [Heninger et al., CRYPTO’09]
     [Figure: multiplier accesses over Time; each colored dot represents a multiplier access candidate, 15 monitoring rounds]

  61. Genome Sequencing
     • Genome Analysis Enclave (e.g. PRIMEX)
     • Input: Encrypted Genome Sequence TTGACCCACTGAATCACGTCTG…
     • Pre-processing
       - Split input into sub-sequences (k-mer)
       - Store k-mer positions in hash-table
     • Analysis
       - Statistical analysis, e.g., to identify correlation in the data
     • Attacker’s goal: Identify k-mer sequences in the input string, allowing the identification of individuals
     [Figure: encrypted genome sequence entering the enclave; label ATCGATCGATCG…]

  65. Some Basics on Human Genomes
     • Nucleobases
       - Adenine (A)
       - Cytosine (C)
       - Guanine (G)
       - Thymine (T)
     • Microsatellite
       - Forensic analysis
       - Genetic fingerprinting
       - Kinship analysis
     [Figure: example nucleotide sequence]

  67. Genome Pre-Processing
     • Hash table access pattern
     • Hash table entry 8 bytes
     • Cache line size 64 bytes
     • Collisions
     • Genome unstructured
     • Microsatellites structured
     [Figure: input sequence A G C A G C A T C A G G T A C … fed through the Indexer into the Hash Table, entries numbered 0, 1, 2, 3]
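
The "Secret-dependent memory access!" point on the RSA Key Exfiltration and Fixed-size Sliding Window Exponentiation slides, as an added example that is not from the slides or from the Intel SGX SDK: a fixed 4-bit window exponentiation with a leaky table lookup beside a masked lookup that reads every entry. The toy modulus, the per-set counters and the layout "entry k starts at set 11 + 2k" (so that multiplier 1 lands in sets 13 and 14 as on the slide) are assumptions made for this model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WIN_BITS   4
#define TBL_SIZE   (1u << WIN_BITS)  /* table g holds g^0 .. g^15 */
#define ENTRY_SETS 2                 /* one multiplier spans two cache sets (slide: 13 and 14) */
#define SET_BASE   11                /* assumption: entry k starts at set 11 + 2k */
#define NUM_SETS   64
#define MODULUS    4294967291ULL     /* constructed toy modulus; must stay below 2^32 */

typedef uint64_t (*lookup_fn)(const uint64_t *tbl, unsigned w);

/* Modelled per-set access counters: a stand-in for what a cache observer could see. */
static uint64_t set_hits[NUM_SETS];

static void touch(unsigned idx) {
    for (unsigned s = 0; s < ENTRY_SETS; s++)
        set_hits[(SET_BASE + ENTRY_SETS * idx + s) % NUM_SETS]++;
}

/* Leaky form: the address read depends on the secret window value w. */
static uint64_t lookup_leaky(const uint64_t *tbl, unsigned w) {
    touch(w);
    return tbl[w];
}

/* Hardened form: read every entry, keep the wanted one with a branch-free mask. */
static uint64_t lookup_ct(const uint64_t *tbl, unsigned w) {
    uint64_t r = 0;
    for (unsigned i = 0; i < TBL_SIZE; i++) {
        uint64_t diff = (uint64_t)(i ^ w);
        uint64_t mask = ((diff | (0 - diff)) >> 63) - 1; /* all ones iff i == w */
        touch(i);
        r |= tbl[i] & mask;
    }
    return r;
}

/* Fixed 4-bit window exponentiation g^e mod n; n < 2^32 so products fit in 64 bits. */
static uint64_t modexp_window(uint64_t g, uint64_t e, uint64_t n, lookup_fn lookup) {
    uint64_t tbl[TBL_SIZE];
    tbl[0] = 1 % n;
    for (unsigned i = 1; i < TBL_SIZE; i++)
        tbl[i] = tbl[i - 1] * (g % n) % n;
    uint64_t r = 1 % n;
    for (int shift = 64 - WIN_BITS; shift >= 0; shift -= WIN_BITS) {
        for (int k = 0; k < WIN_BITS; k++)
            r = r * r % n;                        /* four squarings per window */
        unsigned w = (unsigned)(e >> shift) & (TBL_SIZE - 1);
        r = r * lookup(tbl, w) % n;               /* always multiply, even for w == 0 */
    }
    return r;
}

/* Run one exponentiation and copy the modelled per-set access counts into out. */
static uint64_t run_traced(uint64_t g, uint64_t e, uint64_t n, lookup_fn f,
                           uint64_t out[NUM_SETS]) {
    memset(set_hits, 0, sizeof set_hits);
    uint64_t r = modexp_window(g, e, n, f);
    memcpy(out, set_hits, sizeof set_hits);
    return r;
}

/* Returns 1 if two exponents produce different set-access histograms. */
static int trace_depends_on_exponent(lookup_fn f, uint64_t e1, uint64_t e2) {
    uint64_t a[NUM_SETS], b[NUM_SETS];
    run_traced(3, e1, MODULUS, f, a);
    run_traced(3, e2, MODULUS, f, b);
    return memcmp(a, b, sizeof a) != 0;
}

int main(void) {
    uint64_t e1 = 0x0123456789ABCDEFULL, e2 = 0xFFFFFFFFFFFFFFFFULL;
    printf("results agree: %d\n", modexp_window(3, e1, MODULUS, lookup_leaky) ==
                                  modexp_window(3, e1, MODULUS, lookup_ct));
    printf("leaky lookup, trace depends on exponent:  %d\n",
           trace_depends_on_exponent(lookup_leaky, e1, e2));
    printf("masked lookup, trace depends on exponent: %d\n",
           trace_depends_on_exponent(lookup_ct, e1, e2));
    return 0;
}
```

The counters only model which sets a lookup touches; for production code the compiled output of the masked select still has to be checked, since an optimizer may reintroduce a data-dependent access.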
