
    DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization

    Recent research has demonstrated that Intel's SGX is vulnerable to various software-based side-channel attacks. In particular, attacks that monitor CPU caches shared between the victim enclave and untrusted software enable accurate leakage of secret enclave data. Known defenses assume developer assistance, require hardware changes, impose high overhead, or prevent only some of the known attacks. In this paper we propose data location randomization as a novel defensive approach to address the threat of side-channel attacks. Our main goal is to break the link between the cache observations by the privileged adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments enclave code such that data locations are permuted at the granularity of cache lines. We realize the permutation with the CPU's cryptographic hardware-acceleration units providing secure randomization. To prevent correlation of repeated memory accesses we continuously re-randomize all enclave data during execution. Our solution effectively protects many (but not all) enclaves from cache attacks and provides a complementary enclave hardening technique that is especially useful against unpredictable information leakage.

    Algorithmic Diversity for Software Security

    Software diversity protects against modern-day exploits such as code-reuse attacks. When an attacker designs a code-reuse attack on an example executable, they rely on replicating the target environment. With software diversity, the attacker cannot reliably replicate their target. This is a security benefit which can be applied to massive-scale software distribution. When applied to large-scale communities, an invested attacker may perform analysis of samples to improve the chances of a successful attack (M. Franz). We present a general NOP-insertion algorithm which can be expanded and customized for security, performance, or other costs. We demonstrate an improvement in security so that a code-reuse attack based on any one variant has minimal chances of success on another and analyse the costs of this method. Alternately, the variants may be customized to meet performance or memory overhead constraints. Deterministic diversification allows for the flexibility to balance these needs in a way that doesn't exist in a random online method.

    Theory and Practice of Program Obfuscation


    A parallel block-based encryption schema for digital images using reversible cellular automata

    We propose a novel image encryption schema based on reversible one-dimensional cellular automata. In contrast to the sequential operating mode of several existing approaches, the proposed one is fully parallelizable, since the encryption/decryption tasks can be executed using multiple processes running independently for the same single image. The parallelization is made possible by defining a new RCA-based construction of an extended pseudorandom permutation that takes a nonce as a supplementary parameter. The defined PRP exploits the chaotic behavior and the high sensitivity to initial conditions of the RCAs to ensure perfect cryptographic security properties. Results of various experiments and analysis show that high security and execution performance can be achieved using the approach; furthermore, it provides the ability to perform selective area decryption, since any part of the ciphered image can be deciphered independently from the others, which is very useful for real-time applications.