what s necessary to establish malware freedom
play

Whats Necessary to Establish Malware Freedom Unconditionally? - PowerPoint PPT Presentation

Whats Necessary to Establish Malware Freedom Unconditionally? Virgil D. Gligor ECE and CyLab Carnegie Mellon University Pittsburgh, PA 15213 FCS Workshop Boston June 22, 2020 06/22/2020 1 Outline I. Background - adversary: persistent


  1. What’s Necessary to Establish Malware Freedom Unconditionally? Virgil D. Gligor ECE and CyLab Carnegie Mellon University Pittsburgh, PA 15213 FCS Workshop Boston June 22, 2020 06/22/2020 1

  2. Outline I. Background - adversary: persistent malware & its remote controller - malware-free state? unconditionally ? - a sufficient solution for the cWRAM model II. What’s necessary on real systems ? - external verifiers and challenge functions challenge functions: - optimal space-time bounds (m. t) - unique (m, t) bounds for code - target claw free within (m, t) bounds III. Q & A 06/22/2020 2

  3. I. Background V. Gligor and M. Woo, “ Establishing Software Root of Trust Unconditionally ,” in Proc. of NDSS , San Diego, CA. 2019. (full length paper - CyLab TR 2018 -003 , Nov. 2018) V. Gligor, “ A Rest Stop on the Unending Road to Provable Security ” in Proc. of SPW , Cambridge University, UK, 2019 (article and transcript of discussion) 06/22/2020 3

  4. CPU 0 Baseboard GPU CPU 1 controller Memory 1 Memory 0 CPU R M RAM Bus System CPU 4 CPU 2 remote controller Memory 4 Memory 2 persistent malware NIC CPU 3 - survives power cycles, trusted boots, and re-flashing Disk controller - under security monitors & anti-malware tools Memory 3 Don’t - no observable (hyper)properties USB controller Care 06/22/2020 4

  5. Adversary: persistent malware & its remote controller 06/22/2020 5

  6. persistent malware can - extract all software secrets stored on its computer - modify all SW/FW; e.g., at system initialization - read/write all I/O channels & communicate with remote controller - adaptively modify programs and data & execute any function on chosen input but - cannot access the processors & storage (e.g., random bits) of a connected system remote controller can - exercise all attacks that implant persistent malware on remote system - communicate with & control persistent malware - use unbounded computation power: e.g., break all complexity-based crypto but - cannot predict Nature’s throw of fair dice . . . or random bits of an QRNG - cannot modify a system’s HW 06/22/2020 6

  7. Malware-free states? Unconditionally? 06/22/2020 7

  8. Persistent malware has no externally observable (hyper)properties Q : How can malware-free states be established (w/o taking the system apart) ? A: RoT state (“ all and only chosen content ”) => malware-free state RoT failure => detect malware execution or unaccounted content ` (e.g., malware caused), or both Unconditional Establishment of RoT State - no secrets, no trusted HW modules, no bounds on remote adversary’s power - need only truly random bits & HW specifications 06/22/2020 8

  9. A Sufficient Solution on the cWRAM CPU General Purpose Regs processor state R Device random Specs bits M Initialize m-t optimal code nonce External C m,t v C nonce ß Verifier C nonce ( v )? unique & target claw free t ? OK => RoT on malware-free Device 9 06/22/2020

  10. Overview: cWRAM ISA++ - Constants: w -bit word , up to 2 operands /instruction - Constants: w -bit word , up to 2 operands /instruction instructions execute in unit time ; no cycles, frequency, voltage, current, … instructions execute in unit time ; no cycles, frequency, voltage, current, … - Memory : M words - Memory : M words - Processor registers : GPRs, PC, PSW, Special Processor Registers R - Processor registers : GPRs, PC, PSW, Special Processor Registers R - Addressing : immediate, relative, direct, indirect - Addressing : immediate, relative, direct, indirect - Architecture features: caches, virtual memory, TLBs, pipelining, multi-core processors - Architecture features: caches, virtual memory, TLBs, pipelining, multi-core processors - ISA: all (un)signed integer instructions M M - All Loads, Stores, Register transfers - All Unconditional & Conditional Branches, all branch types - all predicates with 1 or 2 operands - Halt - All Computation Instructions : - addition, subtraction, logic, shift r/l (R i , α), rotate r/l (R i , α), . . . - variable shift r/l (R i , R j ), variable rotate r/l (R i , R j ), . . . - multiplication (1 register output). . . - mod (aka., division-with-remainder) . . . 06/22/2020 10

  11. random What is a nonce? bits C m,t on cWRAM? { r 0 …r k-1 ,x } Z p $ nonce k-1 0 v i ) Ÿ x i (mod p ), s i = Σ r j (i+1) j (mod p ) H r 0 …r k-1 ,x( v ) = Σ + ( s i j = 0 d = | v |-1 i = d k-independent (almost) universal hash functions randomized polynomial family H r 0 …r k-1 ,x( v ) = H d,k,x ( v ) unique m-t optimal bounds on cWRAM code: m = k + 22, t = (6 k - 4)6 d (m’,t’) “<“ ( m , t ) => Pr [ nonce, f , y : f ( y ) = H d,k,x ( v ) | (m’,t’) ] ≤ 3 Ε Ε p target claw free within the m-t bounds 06/22/2020 11

  12. II. What’s necessary on real systems ? untrusted CPU-Memory System trustworthy challenge function executes C nonce Î { C m,t } selection: External nonce on input v Verifier { C m,t } satisfies: measurement: N 1 system response N 2 N 3 N 4 N 1 : existence of external verifier & challenge function N 2 : find a concrete space-time optimal bound: ( m,t ) N 3 : ( m,t ) is unique for program code N 4 : target claw free within ( m,t ) 06/22/2020 12

  13. (un)trusted? no 1. external verifiers system challenge & challenge functions function External proof of Observer malware freedom ? untrusted system 2 Protocols for n Detectable Properties establish => all n systems are trusted untrusted system 1 abort => ≤ n -1 systems are untrusted Detectable malware free? Property system 3 untrusted 13 06/22/2020

  14. (un)trusted? no 1. external verifiers system challenge & challenge functions function External proof of Observer malware freedom ? untrusted system 2 Necessity trustworthy? trustworthy system 1 challenge Unconditionally Detectable External malware function Byzantine Agreement Verifier for Broadcast free? system with probability 1 - ε response malware-free probability ≥ 1 - ε system 3 untrusted Legend : synchronous private channel 14 06/22/2020

  15. (un)trusted? no 1. external verifiers system challenge & challenge functions function External proof of Observer malware freedom ? untrusted system 2 Necessity trustworthy? trustworthy system 1 challenge Unconditionally Detectable External malware function Byzantine Agreement for Verifier Rational Consensus free? system with probability 1 - ε response malware-free probability ≥ 1 - ε system 3 untrusted Legend : synchronous private channel 15 06/22/2020

  16. (un)trusted? no 1. external verifiers system challenge & challenge functions function External proof of Observer malware freedom ? untrusted system 2 Necessity trustworthy? trustworthy system 1 challenge Traditional External malware function Consensus Verifier free? with crashes system response system 3 untrusted Legend : synchronous private channel 16 06/22/2020

  17. 2. find space-time bounds trusted untrusted trustworthy trustworthy system/simulator system challenge challenge External External malware function function Verifier Verifier malware free? baseline actual free C nonce (v) result baseline measurement C nonce (v) = result & = minimum amount of resources used by C nonce baseline = actual? to prevent malware running or hiding const const 37°C current, voltage, frequency, cc, temperature power time E sys ( C nonce ) E sys (C nonce ) measurement accuracy => a specific system initialization & choice of C nonce min E sys (C nonce ) => min. space-time bounds => lower (m,t) bounds = optimal (m,t) bounds min E sys (C nonce ) <≠ optimal (m,t) bounds 06/22/2020 17

  18. 2. find space-time bounds trusted trustworthy system/simulator challenge External function Verifier malware baseline free C nonce (v) baseline measurement min E sys for single core CPUs [DeVogeleer, et al. 2017] ~ mem size const ε const 0 0 E sys,i = (P cpu,i + P drop,i + P back ) · cc i · (1/(f – f k ) + β). for specific system initialization & choice of C nonce E sys (C nonce ) = Σ i E sys,i = ( P cpu,i + P back ) · cc i · (1/f + ε ) const min E sys (C nonce ) => min cc i & min mem size => lower (m,t) bounds = optimal (m,t) bounds min E sys (C nonce ) <≠ optimal (m,t) bounds of C nonce 06/22/2020 18

  19. 3. unique m-t bounds for C m,t program code execution execution time time verifier requests cWRAM initialization T T C m,T C m,T code code malware performs time C mem,time its initialization t+δt code t C M,t M – m C M,t input u’ input u code on disk code mem m +|u| M +|u| m M memory memory space space 3 space-time optimal program families C M,t δt = time to transfer M – m to/from disk T / t > 1 + δ , 0 < δ < 1; T / t > 3 in practice a) single choice : C m,t ; e.g., ( M,t ) b) C m,t = second pre-image free: u’ ≠ u => C nonce (u’) ≠ C nonce (u), whp . c) C m,t code identity in (m,t) : C nonce code in v => C nonce ( v ) is unique in (m,t), whp . 06/22/2020 19

  20. 4. target claw-free in (m,t) untrusted system nonce persistent malware remote adversary y round-trip C nonce Î { C m,t } time T v trustworthy f nonce input v C nonce ( v ) = r External C nonce response Verifier v r r, (m,t) C nonce Î { C m,t } f i , f j Î { F }, not arbitrary x j poly time f j => hardness conjectures f i and/or secrets x i r on any system 06/22/2020 20

Recommend


More recommend