Virtual Secure Circuit: Porting Dual-Rail Pre-charge Technique into Software on Multicore

This paper discusses a novel direction for multicore cryptographic software, namely the use of multicore to protect a design against side-channel attacks. We present a technique which is based on the principle of dual-rail pre-charge, but which can be completely implemented in software. The resulting protected software is called a Virtual Secure Circuit (VSC). Similar to the dual-rail pre-charge technique, a VSC executes as two complementary programs on two identical processor cores. Our key contributions include (1) the analysis of the security properties of a VSC, (2) the construction of a VSC AES prototype on a dual-PowerPC architecture, (3) the demonstration of VSC\u27s protection effectiveness with real side-channel attack experiments. The attack results showed that the VSC protected AES needs 80 times more measurements than the unprotected AES to find the first correct key byte. Even one million measurements were not sufficient to fully break VSC protected AES, while unprotected AES was broken using only 40000 measurements. We conclude that VSC can provide a similar side-channel resistance as WDDL, the dedicated hardware equivalent of dual-rail pre-charge. However, in contrast to WDDL, VSC is a software technique, and therefore it is flexible

Systematic Literature Review of EM-SCA Attacks on Encryption

Cryptography is vital for data security, but cryptographic algorithms can still be vulnerable to side-channel attacks (SCAs), physical assaults exploiting power consumption and EM radiation. SCAs pose a significant threat to cryptographic integrity, compromising device keys. While literature on SCAs focuses on real-world devices, the rise of sophisticated devices necessitates fresh approaches. Electromagnetic side-channel analysis (EM-SCA) gathers information by monitoring EM radiation, capable of retrieving encryption keys and detecting malicious activity. This study evaluates EM-SCA's impact on encryption across scenarios and explores its role in digital forensics and law enforcement. Addressing encryption susceptibility to EM-SCA can empower forensic investigators in overcoming encryption challenges, maintaining their crucial role in law enforcement. Additionally, the paper defines EM-SCA's current state in attacking encryption, highlighting vulnerable and resistant encryption algorithms and devices, and promising EM-SCA approaches. This study offers a comprehensive analysis of EM-SCA in law enforcement and digital forensics, suggesting avenues for further research

Optimising Security, Power Consumption and Performance of Embedded Systems

Increased interest in multicore systems has led to significant advancements in computing power, but it has also introduced new security risks due to covert channel communication. These covert channels enable the unauthorized leakage of sensitive information, posing a grave threat to system security. Traditional examples of covert channel attacks involve exploiting subtle variations such as temperature changes and timing differences to clandestinely transmit data through thermal and timing channels, respectively. These methods are particularly alarming because they demand minimal resources for implementation, thus presenting a formidable challenge to system security. Therefore, understanding the different classes of covert channel attacks and their characteristics is imperative for devising effective countermeasures. This thesis proposes two novel countermeasures to mitigate Thermal Covert Channel (TCC) attacks, which are among the most prevalent threats. In the first approach, we introduce the Selective Noise-Based Countermeasure. This novel technique disrupts covert communication by strategically adding a selective noise (extra thread) to the temperature signal to generate more heat and change its pattern. This intervention significantly increases the Bit Error Rate (BER) to 94%, thereby impeding data transmission effectively. Building upon this, the second strategy, termed Fan Speed Control Countermeasure, dynamically adjusts fan speed to reduce system temperature further, consequently decreasing the thermal signal frequency and shutting down any meaningful transmission. This methodology achieves a high BER (98%), thereby enhancing system security. Furthermore, the thesis introduces a new threat scenario termed Multi-Covert Channel Attacks, which demands advanced detection and mitigation techniques. To confront this emerging threat, we propose a comprehensive two-step approach that emphasizes both detection and tailored countermeasures. This approach leverages two distinct methodologies for implementation, with the primary goal of achieving optimal performance characterized by high BER and low power consumption. In the first method, referred to as the double multi-covert channel, we employ two distinct frequency ranges for the timing and thermal covert channels. Through extensive experimentation, we demonstrate that this approach yields a high BER, providing a formidable challenge to various defense strategies. However, it is noteworthy that this method may potentially lead to overheating issues due to the increased operational load. Alternatively, our second method, the single multi-covert channel, employs a single frequency range for data transmission. Notably, this approach addresses the overheating concerns associated with the double multi-covert channel, thereby reducing power consumption and minimizing the risk of system overheating. The experimental results presented in this thesis demonstrate the efficacy of the proposed strategies. By adopting a two-different approach, we not only enhance detection capabilities but also mitigate potential risks such as overheating. Our findings contribute significantly to the ongoing discourse on covert channel attacks and offer valuable insights for developing robust defense mechanisms against evolving threats. By providing insights into both traditional and emerging covert channel threats in multicore systems, this thesis significantly contributes to the field of multi-embedded system security. The proposed countermeasures demonstrate tangible security improvements, while the exploration of multi-covert channel attacks sets the stage for detection and defense strategies

Repurposing Software Defenses with Specialized Hardware

Computer security has largely been the domain of software for the last few decades. Although this approach has been moderately successful during this period, its problems have started becoming more apparent recently because of one primary reason — performance. Software solutions typically exact a significant toll in terms of program slowdown, especially when applied to large, complex software. In the past, when chips became exponentially faster, this growing burden could be accommodated almost for free. But as Moore’s law winds down, security-related slowdowns become more apparent, increasingly intolerable, and subsequently abandoned. As a result, the community has started looking elsewhere for continued protection, as attacks continue to become progressively more sophisticated. One way to mitigate this problem is to complement these defenses in hardware. Despite lacking the semantic perspective of high-level software, specialized hardware typically is not only faster, but also more energy-efficient. However, hardware vendors also have to factor in the cost of integrating security solutions from the perspective of effectiveness, longevity, and cost of development, while allaying the customer’s concerns of performance. As a result, although numerous hardware solutions have been proposed in the past, the fact that so few of them have actually transitioned into practice implies that they were unable to strike an optimal balance of the above qualities. This dissertation proposes the thesis that it is possible to add hardware features that complement and improve program security, traditionally provided by software, without requiring extensive modifications to existing hardware microarchitecture. As such, it marries the collective concerns of not only users and software developers, who demand performant but secure products, but also that of hardware vendors, since implementation simplicity directly relates to reduction in time and cost of development and deployment. To support this thesis, this dissertation discusses two hardware security features aimed at securing program code and data separately and details their full system implementations, and a study of a negative result where the design was deemed practically infeasible, given its high implementation complexity. Firstly, the dissertation discusses code protection by reviving instruction set randomization (ISR), an idea originally proposed for countering code injection and considered impractical in the face of modern attack vectors that employ reuse of existing program code (also known as code reuse attacks). With Polyglot, we introduce ISR with strong AES encryption along with basic code randomization that disallows code decryption at runtime, thus countering most forms of state-of-the-art dynamic code reuse attacks, that read the code at runtime prior to building the code reuse payload. Through various optimizations and corner case workarounds, we show how Polyglot enables code execution with minimal hardware changes while maintaining a small attack surface and incurring nominal overheads even when the code is strongly encrypted in the binary and memory. Next, the dissertation presents REST, a hardware primitive that allows programs to mark memory regions invalid for regular memory accesses. This is achieved simply by storing a large, pre-determined random value at those locations with a special store instruction and then, detecting incoming values at the data cache for matches to the predetermined value. Subsequently, we show how this primitive can be used to protect data from common forms of spatial and temporal memory safety attacks. Notably, because of the simplicity of the primitive, REST requires trivial microarchitectural modifications and hence, is easy to implement, and exhibits negligible performance overheads. Additionally, we demonstrate how it is able to provide practical heap safety even for legacy binaries. For the above proposals, we also detail their hardware implementations on FPGAs, and discuss how each fits within a complete multiprocess system. This serves to give the reader an idea of usage and deployment challenges on a broader scale that goes beyond just the technique’s effectiveness within the context of a single program. Lastly, the dissertation discusses an alternative to the virtual address space, that randomizes the sequence of addresses in a manner invisible to even the program, thus achieving transparent randomization of the entire address space at a very fine granularity. The biggest challenge is to achieve this with minimal microarchitectural changes while accommodating linear data structures in the program (e.g., arrays, structs), both of which are fundamentally based on a linear address space. As a result, this modified address space subsumes the benefits of most other spatial randomization schemes, with the additional benefit of ideally making traversal from one data structure to another impossible. Our study of this idea concludes that although valuable, current memory safety techniques are cheaper to implement and secure enough, so that there are no perceivable use cases for this model of address space safety

Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies

Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology. Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organization’s premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure. The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users. In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave. More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application. As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyään hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkälle kehittyneet palvelut ovat tehneet siitä hyvin kysytyn teknologian. Yritykset enenevässä määrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa käsittelyä yrityksen ulkopuolelle, minkä voidaan nähdä nostavan esiin huolia taltioitavan ja käsiteltävän tiedon turvallisuudesta ja yksityisyydestä. Tämä korostaa tehokkaiden turvallisuusratkaisujen merkitystä osana pilvi-infrastruktuurin turvaamista. Esineiden internet -laitteiden lukumäärä on nopeasti kasvanut. Teknologiana sitä sovelletaan laajasti monilla sektoreilla, kuten älykkäässä terveydenhuollossa, teollisuusautomaatiossa ja älytiloissa. Sellaiset laitteet keräävät ja välittävät suuria määriä informaatiota, joka voi sisältää laitteiden käyttäjien kannalta kriittistä ja yksityistä tietoa. Tästä syystä johtuen on erittäin merkityksellistä suojata verkon yli kerättävää ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkäysten määrän olevan nousussa, ja samaan aikaan suuri osuus näistä laitteista ei omaa kunnollisia teknisiä ominaisuuksia itse laitteiden tai niiden käyttäjien yksityisen tiedon suojaamiseksi. Tässä väitöskirjassa tutkitaan pilvilaskennan sekä esineiden internetin tietoturvaa ja esitetään ohjelmistopohjaisia tietoturvalähestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lähestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi näissä konteksteissa. Tämän saavuttamiseksi työssä sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntämisen riskiä. Väitöskirjatyössä tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. Pyrkimyksenä on taata suoritusalustan eheys. Työssä tutkitaan myös Intel SGX:ää yhtenä luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekä luottamuksellisuuden pohjautuen suojatun säiliön, saarekkeen, tekniseen toteutukseen. Tarkemmin ilmaistuna työssä turvataan käyttöjärjestelmä- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssä suojataan laitteiden välistä tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssä sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssä hyödynnetään laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisäksi nämä ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti. Tämän väitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. Työssä esitetään myös näkemyksiä jatkotutkimusaiheista

RAD-FS - Inherent and Embedded SCA-Security in Ultra-Low Power IoTs

High-performance and energy-efficient encryption engines have become crucial components in modern System-On-Chip (SoC) architectures across multiple platforms, including servers, desktops, mobile devices, and IoT edge devices. Alas, the secure operation of cryptographic engines faces a significant obstacle caused by information leakage through various side-channels. Adversaries can exploit statistical analysis techniques on measured (e.g.,) power and timing signatures generated during (e.g.,) encryption process to extract secret material. Countermeasures against such side-channel attacks often impose substantial power, area, and performance overheads. Consequently, designing side-channel secure encryption engines becomes a critical challenge when ensuring high-performance and energy-efficient operations. In this paper we will suggest a novel technique for low cost, high impact, easily scalable protection based on Adaptive Dynamic Voltage and Frequency Scaling (A-DVFS) capabilities in ultra-low-power (ULP) sub-threshold chips. We review the improvement of using integrated voltage regulators and DVFS, normally used for efficient power management, towards increasing side-channel resistance of encryption engines; Pushing known prior-art in the topic to ULP-regime. The hardware measurements were performed on PLS15 test-chip fabricated in ULP 40nm process going down from nominal voltage to 580 mV power-supply. Various results and detailed analysis is presented to demonstrate the impact of power management circuits on side-channel security, performance-impact and comparison to prior-art. Importantly, we highlight security sensitivities DVFS embeds in terms of software side-channels such as timing, and their mitigation with our proposed technique, successfully masking the time signature introduced by DVFS

Research On Hardware-based Hiding Countermeasures Against Power Analysis Attacks

電気通信大学202

Integrating security into real-time cyber-physical systems

Cyber-physical systems (CPS) such as automobiles, power plants, avionics systems, unmanned vehicles, medical devices, manufacturing and home automation systems have distinct cyber and physical components that must work cohesively with each other to ensure correct operation. Many cyber-physical applications have “real-time” constraints, i.e., they must function correctly within predetermined time scales. A failure to protect these systems could result in significant harm to humans, the system or even the environment. While traditionally such systems were isolated from external accesses and used proprietary components and protocols, modern CPS use off-the-shelf components and are increasingly interconnected, often via networks such as the Internet. As a result, they are exposed to additional attack surfaces and have become increasingly vulnerable to cyber attacks. Enhancing security for real-time CPS, however, is not an easy task due to limited resource availability (e.g., processing power, memory, storage, energy) and stringent timing/safety requirements. Security monitoring techniques for cyber-physical platforms (a) must execute with existing real-time tasks, (b) operate without impacting the timing and safety constraints of the control logic and (c) have to be designed and executed in a way that an adversary cannot easily evade it. The objective of my research is to increase security posture of embedded real-time CPS by integrating monitoring/detection techniques that defeat cyber attacks without violating timing/safety constraints of existing tasks. My dissertation work explores the real-time security domain and shows that by employing a combination of multiple scheduling/analysis techniques and interactions between hardware/software-based security extensions, it becomes feasible to integrate security monitoring mechanisms in real-time CPS without compromising timing/safety requirements of existing tasks. In this research, I (a) develop techniques to raise the responsiveness of security monitoring tasks by increasing their frequency of execution, (b) design a hardware-supported framework to prevent falsification of actuation commands — i.e., commands that control the state of the physical system and (c) propose metrics to trade-off security with real-time guarantees. The solutions presented in this dissertation require minimal changes to system components/parameters and thus compatible for legacy systems. My proposed frameworks and results are evaluated through both, simulations and experiments on real off-the-shelf cyber-physical platforms. The development of analysis techniques and design frameworks proposed in this dissertation will inherently make such systems more secure and hence, safer. I believe my dissertation work will bring researchers and system engineers one step closer to understand how to integrate two seemingly diverse yet important fields — real-time CPS and cyber-security — while gaining a better understanding of both areas

Recent Advancements on Symmetric Cryptography Techniques -A Comprehensive Case Study

Now a day2019;s Cryptography is one of the broad areas for researchers; because of the conventional block cipher has lost its potency due to the sophistication of modern systems that can break it by brute force. Due to its importance, several cryptography techniques and algorithms are adopted by many authors to secure the data, but still there is a scope to improve the previous approaches. For this necessity, we provide the comprehensive survey which will help the researchers to provide better techniques