Securing Interruptible Enclaved Execution on Small Microprocessors

2021 ◽  
Vol 43 (3) ◽  
pp. 1-77
Author(s):  
Matteo Busi ◽  
Job Noorman ◽  
Jo Van Bulck ◽  
Letterio Galletta ◽  
Pierpaolo Degano ◽  
...  

Computer systems often provide hardware support for isolation mechanisms such as privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that break, or at least significantly weaken, the isolation that these mechanisms offer. Extending a processor with new architectural or micro-architectural features brings a risk of introducing new software-based side-channel attacks. This article studies the problem of extending a processor with new features without weakening the security of the isolation mechanisms that the processor offers. Our solution is heavily based on techniques from research on programming languages. More specifically, we propose to use the programming language concept of full abstraction as a general formal criterion for the security of a processor extension. We instantiate the proposed criterion to the concrete case of extending a microprocessor that supports enclaved execution with secure interruptibility. This is a very relevant instantiation, as several recent papers have shown that interruptibility of enclaves leads to a variety of software-based side-channel attacks. We propose a design for interruptible enclaves and prove that it satisfies our security criterion. We also implement the design on an open-source enclave-enabled microprocessor and evaluate the cost of our design in terms of performance and hardware size.

Author(s):  
Si Gao ◽  
Ben Marshall ◽  
Dan Page ◽  
Elisabeth Oswald

Masking is a well-loved and widely deployed countermeasure against side-channel attacks, in particular in software. Under certain assumptions (w.r.t. independence and noise level), masking provably prevents attacks up to a certain security order and leads to a predictable increase in the number of required leakages for successful attacks beyond this order. The noise level in typical processors where software masking is used may not be very high, thus low masking orders are not sufficient for real-world security. Higher-order masking, however, comes at a great cost, and therefore a number of techniques have been published over the years that make such implementations more efficient via parallelisation in the form of bit or share slicing. We take two highly regarded schemes (ISW and Barthe et al.), and some corresponding open-source implementations that make use of share slicing, and discuss their true security on an ARM Cortex-M0 and an ARM Cortex-M3 processor (both from the LPC series). We show that micro-architectural features of the M0 and M3 undermine the independence assumptions made in masking proofs and thus their theoretical guarantees do not translate into practice (even worse, it seems unpredictable at which order leaks can be expected). Our results demonstrate how difficult it is to link theoretical security proofs to practical real-world security guarantees.


2012 ◽  
Vol 2012 ◽  
pp. 1-9 ◽  
Author(s):  
Laurent Sauvage ◽  
Sylvain Guilley ◽  
Florent Flament ◽  
Jean-Luc Danger ◽  
Yves Mathieu

Side-channel and fault injection attacks are major threats to cryptographic applications of embedded systems. Best performances for these attacks are achieved by focusing sensors or injectors on the sensitive parts of the application, by means of dedicated methods to localise them. Few methods have been proposed in the past, and all of them aim at pinpointing the cryptoprocessor. However, it could be interesting to exploit the activity of other parts of the application, in order to increase the attack's efficiency or to bypass its countermeasures. In this paper, we present a localisation method based on cross-correlation, which issues a list of areas of interest within the attacked device. It realizes an exhaustive analysis, since it may localise any module of the device, and not only those which perform cryptographic operations. Moreover, it does not require preliminary knowledge about the implementation, whereas some previous cartography methods require that the attacker be able to choose the cryptoprocessor inputs, which is not always possible. The method is experimentally validated using observations of the electromagnetic near-field distribution over a Xilinx Virtex 5 FPGA. The matching between areas of interest and the application layout in the FPGA floorplan is confirmed by correlation analysis.


Author(s):  
Daniel Genkin ◽  
Romain Poussier ◽  
Rui Qi Sim ◽  
Yuval Yarom ◽  
Yuanjing Zhao

Over the past two decades, cache attacks have been identified as a threat to the security of cipher implementations. These attacks recover secret information by combining observations of the victim cache accesses with the knowledge of the internal structure of the cipher. So far, cache attacks have been applied to ciphers that have fixed state transformations, leaving open the question of whether using secret, key-dependent transformations enhances the security against such attacks. In this paper we investigate this question. We look at an implementation of the North Korean cipher Pilsung, as reverse-engineered by Kryptos Logic. Like AES, Pilsung is a permutation-substitution cipher, but unlike AES, both the substitution and the permutation steps in Pilsung depend on the key, and are not known to the attacker. We analyze Pilsung and design a cache-based attack. We improve the state of the art by developing techniques for reversing secret-dependent transformations. Our attack, which requires an average of eight minutes on a typical laptop computer, demonstrates that secret transformations do not necessarily protect ciphers against side channel attacks.


2015 ◽  
Vol 77 ◽  
pp. 159-166
Author(s):  
T.O.R. Macdonald ◽  
J.S. Rowarth ◽  
F.G. Scrimgeour

The link between dairy farm systems and cost of environmental compliance is not always clear. A survey of Waikato dairy farmers was conducted to establish the real (non-modelled) cost of compliance with environmental regulation in the region. Quantitative and qualitative data were gathered to improve understanding of compliance costs and implementation issues for a range of Waikato farm systems. The average one-off capital cost of compliance determined through a survey approach was $1.02 per kg milksolids, $1490 per hectare and $403 per cow. Costs experienced by Waikato farmers have exceeded average economic farm surplus for the region in the past 5 years. As regulation increases there are efficiencies to be gained through implementing farm infrastructure and farm management practice to best match farm system intensity.

Keywords: Dairy, compliance, farm systems, nitrogen, Waikato


2009 ◽  
Vol 19 (11) ◽  
pp. 2990-2998 ◽  
Author(s):  
Tao ZHANG ◽  
Ming-Yu FAN

Author(s):  
John D. Horner ◽  
Bartosz J. Płachno ◽  
Ulrike Bauer ◽  
Bruno Di Giusto

The ability to attract prey has long been considered a universal trait of carnivorous plants. We review studies from the past 25 years that have investigated the mechanisms by which carnivorous plants attract prey to their traps. Potential attractants include nectar, visual, olfactory, and acoustic cues. Each of these has been well documented to be effective in various species, but prey attraction is not ubiquitous among carnivorous plants. Directions for future research, especially in native habitats in the field, include: the qualitative and quantitative analysis of visual cues, volatiles, and nectar; temporal changes in attractants; synergistic action of combinations of attractants; the cost of attractants; and responses to putative attractants in electroantennograms and insect behavioral tests.


2021 ◽  
Vol 13 (6) ◽  
pp. 146
Author(s):  
Somdip Dey ◽  
Amit Kumar Singh ◽  
Klaus McDonald-Maier

Side-channel attacks remain a challenge to information flow control and security in mobile edge devices to this date. One such important security flaw could be exploited through temperature side-channel attacks, where heat dissipation and propagation from the processing cores are observed over time in order to deduce security flaws. In this paper, we study how computer vision-based convolutional neural networks (CNNs) could be used to carry out temperature (thermal) side-channel attacks on different Linux governors in mobile edge devices utilizing a multi-processor system-on-chip (MPSoC). We also designed a power- and memory-efficient CNN model that is capable of performing a thermal side-channel attack on the MPSoC and can be used by industry practitioners and academics as a benchmark to design methodologies to secure against such an attack in MPSoC.

