Keys in the Clouds: Auditable Multi-device Access to Cryptographic Credentials

Personal cryptographic keys are the foundation of many secure services, but storing these keys securely is a challenge, especially if they are used from multiple devices. Storing keys in a centralized location, like an Internet-accessible server, raises serious security concerns (e.g. server compromise). Hardware-based Trusted Execution Environments (TEEs) are a well-known solution for protecting sensitive data in untrusted environments, and are now becoming available on commodity server platforms. Although the idea of protecting keys using a server-side TEE is straight-forward, in this paper we validate this approach and show that it enables new desirable functionality. We describe the design, implementation, and evaluation of a TEE-based Cloud Key Store (CKS), an online service for securely generating, storing, and using personal cryptographic keys. Using remote attestation, users receive strong assurance about the behaviour of the CKS, and can authenticate themselves using passwords while avoiding typical risks of password-based authentication like password theft or phishing. In addition, this design allows users to i) define policy-based access controls for keys; ii) delegate keys to other CKS users for a specified time and/or a limited number of uses; and iii) audit all key usages via a secure audit log. We have implemented a proof of concept CKS using Intel SGX and integrated this into GnuPG on Linux and OpenKeychain on Android. Our CKS implementation performs approximately 6,000 signature operations per second on a single desktop PC. The latency is in the same order of magnitude as using locally-stored keys, and 20x faster than smart cards.Comment: Extended version of a paper to appear in the 3rd Workshop on Security, Privacy, and Identity Management in the Cloud (SECPID) 201

S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX

Function-as-a-Service (FaaS) is a recent and already very popular paradigm in cloud computing. The function provider need only specify the function to be run, usually in a high-level language like JavaScript, and the service provider orchestrates all the necessary infrastructure and software stacks. The function provider is only billed for the actual computational resources used by the function invocation. Compared to previous cloud paradigms, FaaS requires significantly more fine-grained resource measurement mechanisms, e.g. to measure compute time and memory usage of a single function invocation with sub-second accuracy. Thanks to the short duration and stateless nature of functions, and the availability of multiple open-source frameworks, FaaS enables non-traditional service providers e.g. individuals or data centers with spare capacity. However, this exacerbates the challenge of ensuring that resource consumption is measured accurately and reported reliably. It also raises the issues of ensuring computation is done correctly and minimizing the amount of information leaked to service providers. To address these challenges, we introduce S-FaaS, the first architecture and implementation of FaaS to provide strong security and accountability guarantees backed by Intel SGX. To match the dynamic event-driven nature of FaaS, our design introduces a new key distribution enclave and a novel transitive attestation protocol. A core contribution of S-FaaS is our set of resource measurement mechanisms that securely measure compute time inside an enclave, and actual memory allocations. We have integrated S-FaaS into the popular OpenWhisk FaaS framework. We evaluate the security of our architecture, the accuracy of our resource measurement mechanisms, and the performance of our implementation, showing that our resource measurement mechanisms add less than 6.3% latency on standardized benchmarks

Exploiting code mobility for dynamic binary obfuscation

Software protection aims at protecting the integrity of software applications deployed on un-trusted hosts and being subject to illegal analysis. Within an un-trusted environment a possibly malicious user has complete access to system resources and tools in order to analyze and tamper with the application code. To address this research problem, we propose a novel binary obfuscation approach based on the deployment of an incomplete application whose code arrives from a trusted network entity as a flow of mobile code blocks which are arranged in memory with a different customized memory layout. This paper presents our approach to contrast reverse engineering by defeating static and dynamic analysis, and discusses its effectivenes

PALANTIR: Zero-trust architecture for Managed Security Service Provider

The H2020 PALANTIR project aims at delivering a Security-as-a-Service solution to SMEs and microenterprises via the exploitation of containerised Network Functions. However, these functions are conceived by third-party developers and can also be deployed in untrustworthy virtualisation layers, depending on the subscribed delivery model. Therefore, they cannot be trusted and require a stringent monitoring to ensure their harmlessness, as well as adequate measures to remediate any nefarious activities. This paper justifies, details and evaluates a Zero-Trust architecture supporting PALANTIR’s solution. Specifically, PALANTIR periodically attests the service and infrastructure’s components for signs of compromise by implementing the Trusted Computing paradigm. Verification addresses the firmware, OS and software using UEFI measured boot and Linux Integrity Measurement Architecture, extended to support containerised application attestation. Mitigation actions are supervised by the Recovery Service and the Security Orchestrator based on OSM to, respectively, determine the adequate remediation actions from a recovery policy and enforce them down to the lower layers of the infrastructure through local authenticated enablers. We detail an implementation prototype serving a baseline for quantitative evaluation of our work

D2Gen: A Decentralized Device Genome Based Integrity Verification Mechanism for Collaborative Intrusion Detection Systems

Collaborative Intrusion Detection Systems are considered an effective defense mechanism for large, intricate, and multilayered Industrial Internet of Things against many cyberattacks. However, while a Collaborative Intrusion Detection System successfully detects and prevents various attacks, it is possible that an inside attacker performs a malicious act and compromises an Intrusion Detection System node. A compromised node can inflict considerable damage on the whole collaborative network. For instance, when a malicious node gives a false alert of an attack, the other nodes will unnecessarily increase their security and close all of their services, thus, degrading the system’s performance. On the contrary, if the spurious node approves malicious traffic into the system, the other nodes would also be compromised. Therefore, to detect a compromised node in the network, this article introduces a device integrity check mechanism based on “Digital Genome.” In medical science, a genome refers to a set that contains all of the information needed to build and maintain an organism. Based on the same concept, the digital genome is computed over a device’s vital hardware, software, and other components. Hence, if an attacker makes any change in a node’s hardware and software components, the digital genome will change, and the compromised node will be easily detected. It is envisaged that the proposed integrity attestation protocol can be used in diverse Internet of Things and other information technology applications to ensure the legitimate operation of end devices. This study also proffers a comprehensive security and performance analysis of the proposed framework

LogSafe: Secure and Scalable Data Logger for IoT Devices

As devices in the Internet of Things (IoT) increase in number and integrate with everyday lives, large amounts of personal information will be generated. With multiple discovered vulnerabilities in current IoT networks, a malicious attacker might be able to get access to and misuse this personal data. Thus, a logger that stores this information securely would make it possible to perform forensic analysis in case of such attacks that target valuable data. In this paper, we propose LogSafe, a scalable, fault-tolerant logger that leverages the use of Intel Software Guard Extensions (SGX) to store logs from IoT devices efficiently and securely. Using the security guarantees of SGX, LogSafe is designed to run on an untrusted cloud infrastructure and satisfies Confidentiality, Integrity, and Availability (CIA) security properties. Finally, we provide an exhaustive evaluation of LogSafe in order to demonstrate that it is capable of handling logs from a large number of IoT devices and at a very high data transmission rate