Timing and Lattice Attacks on a Remote ECDSA OpenSSL Server: How Practical Are They Really?

In 2011, B.B.Brumley and N.Tuveri found a remote timing attack on OpenSSL’s ECDSA implementation for binary curves. We will study if the title of their paper was indeed relevant (Remote Timing Attacks are Still Practical). We improved on their lattice attack using the Embedding Strategy that reduces the Closest Vector Problem to the Shortest Vector Problem so as to avoid using Babai’s procedures to solve the CVP and rely on the better experimental results of LLL. We will detail (along with publishing the source code of the tools we used) our attempts to reproduce their experiments from a remote machine located on the same network with the server, and see that such attacks are not trivial and far from being practical. Finally we will see other attacks and countermeasures

Vulnerability analysis of satellite-based synchronized smart grids monitoring systems

The large-scale deployment of wide-area monitoring systems could play a strategic role in supporting the evolution of traditional power systems toward smarter and self-healing grids. The correct operation of these synchronized monitoring systems requires a common and accurate timing reference usually provided by a satellite-based global positioning system. Although these satellites signals provide timing accuracy that easily exceeds the needs of the power industry, they are extremely vulnerable to radio frequency interference. Consequently, a comprehensive analysis aimed at identifying their potential vulnerabilities is of paramount importance for correct and safe wide-area monitoring system operation. Armed with such a vision, this article presents and discusses the results of an experimental analysis aimed at characterizing the vulnerability of global positioning system based wide-area monitoring systems to external interferences. The article outlines the potential strategies that could be adopted to protect global positioning system receivers from external cyber-attacks and proposes decentralized defense strategies based on self-organizing sensor networks aimed at assuring correct time synchronization in the presence of external attacks

S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX

Function-as-a-Service (FaaS) is a recent and already very popular paradigm in cloud computing. The function provider need only specify the function to be run, usually in a high-level language like JavaScript, and the service provider orchestrates all the necessary infrastructure and software stacks. The function provider is only billed for the actual computational resources used by the function invocation. Compared to previous cloud paradigms, FaaS requires significantly more fine-grained resource measurement mechanisms, e.g. to measure compute time and memory usage of a single function invocation with sub-second accuracy. Thanks to the short duration and stateless nature of functions, and the availability of multiple open-source frameworks, FaaS enables non-traditional service providers e.g. individuals or data centers with spare capacity. However, this exacerbates the challenge of ensuring that resource consumption is measured accurately and reported reliably. It also raises the issues of ensuring computation is done correctly and minimizing the amount of information leaked to service providers. To address these challenges, we introduce S-FaaS, the first architecture and implementation of FaaS to provide strong security and accountability guarantees backed by Intel SGX. To match the dynamic event-driven nature of FaaS, our design introduces a new key distribution enclave and a novel transitive attestation protocol. A core contribution of S-FaaS is our set of resource measurement mechanisms that securely measure compute time inside an enclave, and actual memory allocations. We have integrated S-FaaS into the popular OpenWhisk FaaS framework. We evaluate the security of our architecture, the accuracy of our resource measurement mechanisms, and the performance of our implementation, showing that our resource measurement mechanisms add less than 6.3% latency on standardized benchmarks