SGXIO: Generic Trusted I/O Path for Intel SGX

Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this dependency, Intel introduced SGX, which allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices. This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise. It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.Comment: To appear in CODASPY'1

Trust Evaluation for Embedded Systems Security research challenges identified from an incident network scenario

This paper is about trust establishment and trust evaluations techniques. A short background about trust, trusted computing and security in embedded systems is given. An analysis has been done of an incident network scenario with roaming users and a set of basic security needs has been identified. These needs have been used to derive security requirements for devices and systems, supporting the considered scenario. Using the requirements, a list of major security challenges for future research regarding trust establishment in dynamic networks have been collected and elaboration on some different approaches for future research has been done.This work was supported by the Knowledge foundation and RISE within the ARIES project

C-FLAT: Control-FLow ATtestation for Embedded Systems Software

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device (prover). Most existing approaches are static in nature and only check whether benign software is initially loaded on the prover. However, they are vulnerable to run-time attacks that hijack the application's control or data flow, e.g., via return-oriented programming or data-oriented exploits. As a concrete step towards more comprehensive run-time remote attestation, we present the design and implementation of Control- FLow ATtestation (C-FLAT) that enables remote attestation of an application's control-flow path, without requiring the source code. We describe a full prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone hardware security extensions. We evaluate C-FLAT's performance using a real-world embedded (cyber-physical) application, and demonstrate its efficacy against control-flow hijacking attacks.Comment: Extended version of article to appear in CCS '16 Proceedings of the 23rd ACM Conference on Computer and Communications Securit

Distributed IoT Attestation via Blockchain (Extended Version)

The growing number and nature of Internet of Things (IoT) devices makes these resource-constrained appliances particularly vulnerable and increasingly impactful in their exploitation. Current estimates for the number of connected things commonly reach the tens of billions. The low-cost and limited computational strength of these devices can preclude security features. Additionally, economic forces and a lack of industry expertise in security often contribute to a rush to market with minimal consideration for security implications. It is essential that users of these emerging technologies, from consumers to IT professionals, be able to establish and retain trust in the multitude of diverse and pervasive compute devices that are ever more responsible for our critical infrastructure and personal information. Remote attestation is a well-known technique for building such trust between devices. In standard implementations, a potentially untrustworthy prover attests, using public key infrastructure, to a verifier about its configuration or properties of its current state. Attestation is often performed on an ad hoc basis with little concern for historicity. However, controls and sensors manufactured for the Industrial IoT (IIoT) may be expected to operate for decades. Even in the consumer market, so-called smart things can be expected to outlive their manufacturers. This longevity combined with limited software or firmware patching creates an ideal environment for long-lived zero-day vulnerabilities. Knowing both if a device is vulnerable and if so when it became vulnerable is a management nightmare as IoT deployments scale. For network connected machines, with access to sensitive information and real-world physical controls, maintaining some sense of a device\u27s lifecycle would be insightful. In this paper, we propose a novel attestation architecture, DAN: a distributed attestation network, utilizing blockchain to store and share device information. We present the design of this new attestation architecture, and describe a virtualized simulation, as well as a prototype system chosen to emulate an IoT deployment with a network of Raspberry Pi, Infineon TPMs, and a Hyperledger Fabric blockchain. We discuss the implications and potential challenges of such a network for various applications such as identity management, intrusion detection, forensic audits, and regulatory certification

FPGA based remote code integrity verification of programs in distributed embedded systems

The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems