11,809 research outputs found
Ozone: Efficient Execution with Zero Timing Leakage for Modern Microarchitectures
Time variation during program execution can leak sensitive information. Time
variations due to program control flow and hardware resource contention have
been used to steal encryption keys in cipher implementations such as AES and
RSA. A number of approaches to mitigate timing-based side-channel attacks have
been proposed including cache partitioning, control-flow obfuscation and
injecting timing noise into the outputs of code. While these techniques make
timing-based side-channel attacks more difficult, they do not eliminate the
risks. Prior techniques are either too specific or too expensive, and all leave
remnants of the original timing side channel for later attackers to attempt to
exploit.
In this work, we show that the state-of-the-art techniques in timing
side-channel protection, which limit timing leakage but do not eliminate it,
still have significant vulnerabilities to timing-based side-channel attacks. To
provide a means for total protection from timing-based side-channel attacks, we
develop Ozone, the first zero timing leakage execution resource for a modern
microarchitecture. Code in Ozone execute under a special hardware thread that
gains exclusive access to a single core's resources for a fixed (and limited)
number of cycles during which it cannot be interrupted. Memory access under
Ozone thread execution is limited to a fixed size uncached scratchpad memory,
and all Ozone threads begin execution with a known fixed microarchitectural
state. We evaluate Ozone using a number of security sensitive kernels that have
previously been targets of timing side-channel attacks, and show that Ozone
eliminates timing leakage with minimal performance overhead
TMbarrier: speculative barriers using hardware transactional memory
Barrier is a very common synchronization method used in parallel programming. Barriers are used typically to enforce a partial thread execution order, since there may be dependences between code sections before and after the barrier. This work proposes TMbarrier, a new design of a barrier intended to be used in transactional applications. TMbarrier allows threads to continue executing speculatively after the barrier assuming that there are not dependences with safe threads that have not yet reached the barrier. Our design leverages transactional memory (TM) (specifically, the implementation offered by the IBM POWER8 processor) to hold the speculative updates and to detect possible conflicts between speculative and safe threads. Despite the limitations of the best-effort hardware TM implementation present in current processors, experiments show a reduction in wasted time due to synchronization compared to standard barriers.Universidad de Málaga. Campus de Excelencia Internacional AndalucĂa Tech
Defending Tor from Network Adversaries: A Case Study of Network Path Prediction
The Tor anonymity network has been shown vulnerable to traffic analysis
attacks by autonomous systems and Internet exchanges, which can observe
different overlay hops belonging to the same circuit. We aim to determine
whether network path prediction techniques provide an accurate picture of the
threat from such adversaries, and whether they can be used to avoid this
threat. We perform a measurement study by running traceroutes from Tor relays
to destinations around the Internet. We use the data to evaluate the accuracy
of the autonomous systems and Internet exchanges that are predicted to appear
on the path using state-of-the-art path inference techniques; we also consider
the impact that prediction errors have on Tor security, and whether it is
possible to produce a useful overestimate that does not miss important threats.
Finally, we evaluate the possibility of using these predictions to actively
avoid AS and IX adversaries and the challenges this creates for the design of
Tor
An approach to task-based parallel programming for undergraduate students
This paper presents the description of a compulsory parallel programming course in the bachelor degree in Informatics Engineering at the Barcelona School of Informatics, Universitat Politècnica de Catalunya UPC-BarcelonaTech. The main focus of the course is on the shared-memory programming paradigm, which facilitates the presentation of fundamental aspects and notions of parallel computing. Unlike the “traditional” loop-based approach, which is the focus of parallel programming courses in other universities, this course presents the parallel programming concepts using a task-based approach. Tasking allows students to explore a broader set of parallel decomposition strategies, including linear, iterative and recursive strategies, and their implementation using the current version of OpenMP (OpenMP 4.5), which offers mechanisms (pragmas and intrinsic functions) to easily map these strategies into parallel programs. Simple models to understand the benefits of a task decomposition and the trade-offs introduced by different kinds of overheads are included in the course, together with the use of tools that allow an easy exploration of different task decomposition strategies and their potential parallelism (Tareador) and instrumentation and analysis of task parallel executions on real machines (Extrae and Paraver).This work has been supported by the grant SEV-2015-0493 of the Severo Ochoa Program, awarded by the Spanish Gov-
ernment, by the Spanish Ministry of Science and Innovation (contract TIN2015-65316-P) and by Generalitat de Catalunya (contracts 2014-MOOC-00057 and 2014-SGR-1051). We also thank the anonymous reviewers and editor for their comments during the review process, other professors that have been in-
volved in the implementation of the course and Paul Carpenter at BSC for his corrections and suggestions to improve the text.Postprint (published version
- …