Sanctorum: A lightweight security monitor for secure enclaves
Enclaves have emerged as a particularly compelling primitive to implement
trusted execution environments: strongly isolated sensitive user-mode processes
in a largely untrusted software environment. While the threat models employed
by various enclave systems differ, the high-level guarantees they offer are
essentially the same: attestation of an enclave's initial state, as well as a
guarantee of enclave integrity and privacy in the presence of an adversary.
This work describes Sanctorum, a small trusted code base (TCB), consisting of
a generic enclave-capable system, which is sufficient to implement secure
enclaves akin to the primitive offered by Intel's SGX. While enclaves may be
implemented via unconditionally trusted hardware and microcode, as is the
case in SGX, we employ a smaller TCB principally consisting of authenticated,
privileged software, which may be replaced or patched as needed. Sanctorum
implements a formally verified specification for generic enclaves on an
in-order multiprocessor system meeting baseline security requirements, e.g.,
the MIT Sanctum processor and the Keystone enclave framework. Sanctorum
requires trustworthy hardware including a random number generator, a private
cryptographic key pair derived via a secure bootstrapping protocol, and a
robust isolation primitive to safeguard sensitive information. Sanctorum's
threat model is informed by the threat model of the isolation primitive, and is
suitable for adding enclaves to a variety of processor systems.
Comment: 6 page
When a Patch is Not Enough - HardFails: Software-Exploitable Hardware Bugs
In this paper, we take a deep dive into microarchitectural security from a
hardware designer's perspective by reviewing the existing approaches to detect
hardware vulnerabilities during the design phase. We show that a protection gap
currently exists in practice that leaves chip designs vulnerable to
software-based attacks. In particular, existing verification approaches fail to
detect specific classes of vulnerabilities, which we call HardFails: these bugs
evade detection by current verification techniques while being exploitable from
software. We demonstrate such vulnerabilities in real-world SoCs using RISC-V
to showcase and analyze concrete instantiations of HardFails. Patching these
hardware bugs may not always be possible and can potentially result in a
product recall. We base our findings on two extensive case studies: the recent
Hack@DAC 2018 hardware security competition, where 54 independent teams of
researchers competed world-wide over a period of 12 weeks to catch inserted
security bugs in SoC RTL designs, and an in-depth systematic evaluation of
state-of-the-art verification approaches. Our findings indicate that even
combinations of techniques will miss high-impact bugs due to the large number
of modules with complex interdependencies and fundamental limitations of
current detection approaches. We also craft a real-world software attack that
exploits one of the RTL bugs from Hack@DAC that evaded detection and discuss
novel approaches to mitigate the growing problem of cross-layer bugs at design
time.