30,520 research outputs found
Secure Compute-and-Forward in a Bidirectional Relay
We consider the basic bidirectional relaying problem, in which two users in a
wireless network wish to exchange messages through an intermediate relay node.
In the compute-and-forward strategy, the relay computes a function of the two
messages using the naturally-occurring sum of symbols simultaneously
transmitted by user nodes in a Gaussian multiple access (MAC) channel, and the
computed function value is forwarded to the user nodes in an ensuing broadcast
phase. In this paper, we study the problem under an additional security
constraint, which requires that each user's message be kept secure from the
relay. We consider two types of security constraints: perfect secrecy, in which
the MAC channel output seen by the relay is independent of each user's message;
and strong secrecy, which is a form of asymptotic independence. We propose a
coding scheme based on nested lattices, the main feature of which is that given
a pair of nested lattices that satisfy certain "goodness" properties, we can
explicitly specify probability distributions for randomization at the encoders
to achieve the desired security criteria. In particular, our coding scheme
guarantees perfect or strong secrecy even in the absence of channel noise. The
noise in the channel only affects reliability of computation at the relay, and
for Gaussian noise, we derive achievable rates for reliable and secure
computation. We also present an application of our methods to the multi-hop
line network in which a source needs to transmit messages to a destination
through a series of intermediate relays.Comment: v1 is a much expanded and updated version of arXiv:1204.6350; v2 is a
minor revision to fix some notational issues; v3 is a much expanded and
updated version of v2, and contains results on both perfect secrecy and
strong secrecy; v3 is a revised manuscript submitted to the IEEE Transactions
on Information Theory in April 201
Software Grand Exposure: SGX Cache Attacks Are Practical
Side-channel information leakage is a known limitation of SGX. Researchers
have demonstrated that secret-dependent information can be extracted from
enclave execution through page-fault access patterns. Consequently, various
recent research efforts are actively seeking countermeasures to SGX
side-channel attacks. It is widely assumed that SGX may be vulnerable to other
side channels, such as cache access pattern monitoring, as well. However, prior
to our work, the practicality and the extent of such information leakage was
not studied.
In this paper we demonstrate that cache-based attacks are indeed a serious
threat to the confidentiality of SGX-protected programs. Our goal was to design
an attack that is hard to mitigate using known defenses, and therefore we mount
our attack without interrupting enclave execution. This approach has major
technical challenges, since the existing cache monitoring techniques experience
significant noise if the victim process is not interrupted. We designed and
implemented novel attack techniques to reduce this noise by leveraging the
capabilities of the privileged adversary. Our attacks are able to recover
confidential information from SGX enclaves, which we illustrate in two example
cases: extraction of an entire RSA-2048 key during RSA decryption, and
detection of specific human genome sequences during genomic indexing. We show
that our attacks are more effective than previous cache attacks and harder to
mitigate than previous SGX side-channel attacks
Randomized Benchmarking of Quantum Gates
A key requirement for scalable quantum computing is that elementary quantum
gates can be implemented with sufficiently low error. One method for
determining the error behavior of a gate implementation is to perform process
tomography. However, standard process tomography is limited by errors in state
preparation, measurement and one-qubit gates. It suffers from inefficient
scaling with number of qubits and does not detect adverse error-compounding
when gates are composed in long sequences. An additional problem is due to the
fact that desirable error probabilities for scalable quantum computing are of
the order of 0.0001 or lower. Experimentally proving such low errors is
challenging. We describe a randomized benchmarking method that yields estimates
of the computationally relevant errors without relying on accurate state
preparation and measurement. Since it involves long sequences of randomly
chosen gates, it also verifies that error behavior is stable when used in long
computations. We implemented randomized benchmarking on trapped atomic ion
qubits, establishing a one-qubit error probability per randomized pi/2 pulse of
0.00482(17) in a particular experiment. We expect this error probability to be
readily improved with straightforward technical modifications.Comment: 13 page
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization
Recent research has demonstrated that Intel's SGX is vulnerable to various
software-based side-channel attacks. In particular, attacks that monitor CPU
caches shared between the victim enclave and untrusted software enable accurate
leakage of secret enclave data. Known defenses assume developer assistance,
require hardware changes, impose high overhead, or prevent only some of the
known attacks. In this paper we propose data location randomization as a novel
defensive approach to address the threat of side-channel attacks. Our main goal
is to break the link between the cache observations by the privileged adversary
and the actual data accesses by the victim. We design and implement a
compiler-based tool called DR.SGX that instruments enclave code such that data
locations are permuted at the granularity of cache lines. We realize the
permutation with the CPU's cryptographic hardware-acceleration units providing
secure randomization. To prevent correlation of repeated memory accesses we
continuously re-randomize all enclave data during execution. Our solution
effectively protects many (but not all) enclaves from cache attacks and
provides a complementary enclave hardening technique that is especially useful
against unpredictable information leakage
- …