Trace Oblivious Program Execution
The big data era has dramatically transformed our lives; however, security incidents such as data breaches can put sensitive data (e.g. photos, identities, genomes) at risk. To protect users' data privacy, there is a growing interest in building secure cloud computing systems, which keep sensitive data inputs hidden, even from computation providers. Conceptually, secure cloud computing systems leverage cryptographic techniques (e.g., secure multiparty computation) and trusted hardware (e.g. secure processors) to instantiate a “secure” abstract machine consisting of a CPU and encrypted memory, so that an adversary cannot learn information through either the computation within the CPU or the data in the memory. Unfortunately, evidence has shown that side channels (e.g. memory accesses, timing, and termination) in such a “secure” abstract machine may potentially leak highly sensitive information, including cryptographic keys that form the root of trust for the secure systems.
This thesis broadly expands the investigation of a research direction called trace oblivious computation, where programming language techniques are employed to prevent side channel information leakage. We demonstrate the feasibility of trace oblivious computation by formalizing and building several systems, including GhostRider, a hardware-software co-design that provides a hardware-based trace oblivious computing solution; SCVM, an automatic RAM-model secure computation system; and ObliVM, a programming framework that helps programmers develop applications. All of these systems enjoy formal security guarantees while demonstrating better performance than prior systems, by one to several orders of magnitude.
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization
Recent research has demonstrated that Intel's SGX is vulnerable to various software-based side-channel attacks. In particular, attacks that monitor CPU caches shared between the victim enclave and untrusted software enable accurate leakage of secret enclave data. Known defenses assume developer assistance, require hardware changes, impose high overhead, or prevent only some of the known attacks. In this paper we propose data location randomization as a novel defensive approach to address the threat of side-channel attacks. Our main goal is to break the link between the cache observations by the privileged adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments enclave code such that data locations are permuted at the granularity of cache lines. We realize the permutation with the CPU's cryptographic hardware-acceleration units providing secure randomization. To prevent correlation of repeated memory accesses we continuously re-randomize all enclave data during execution. Our solution effectively protects many (but not all) enclaves from cache attacks and provides a complementary enclave hardening technique that is especially useful against unpredictable information leakage.
Oblivious Median Slope Selection
We study the median slope selection problem in the oblivious RAM model. In this model memory accesses have to be independent of the data processed, i.e., an adversary cannot use observed access patterns to derive additional information about the input. We show how to modify the randomized algorithm of Matoušek (1991) to obtain an oblivious version with O(n log^2 n) expected time for n points in R^2. This complexity matches a theoretical upper bound that can be obtained through general oblivious transformation. In addition, results from a proof-of-concept implementation show that our algorithm is also practically efficient.
Comment: 14 pages, to appear in Proceedings of CCCG 202
Neural Network Model Extraction Attacks in Edge Devices by Hearing Architectural Hints
As neural networks continue their reach into nearly every aspect of software operations, the details of those networks become an increasingly sensitive subject. Even those that deploy neural networks embedded in physical devices may wish to keep the inner workings of their designs hidden, either to protect their intellectual property or as a form of protection from adversarial inputs. The specific problem we address is how, through a heavy system stack and given noisy and imperfect memory traces, one might reconstruct the neural network architecture, including the set of layers employed, their connectivity, and their respective dimension sizes. Considering both the intra-layer architecture features and the inter-layer temporal association information introduced by empirical DNN design experience, we draw upon ideas from speech recognition to solve this problem. We show that off-chip memory address traces and PCIe events provide ample information to reconstruct such neural network architectures accurately. We are the first to propose such accurate model extraction techniques and demonstrate an end-to-end attack experimentally in the context of an off-the-shelf Nvidia GPU platform with full system stack. Results show that the proposed techniques achieve a high reverse engineering accuracy and improve one's ability to conduct targeted adversarial attacks, raising the success rate from 14.6%–25.5% (without network architecture knowledge) to 75.9% (with extracted network architecture).
Freecursive ORAM: [Nearly] Free Recursion and Integrity Verification for Position-based Oblivious RAM
Oblivious RAM (ORAM) is a cryptographic primitive that hides memory access patterns as seen by untrusted storage. Recently, ORAM has been architected into secure processors. A big challenge for hardware ORAM schemes is how to efficiently manage the Position Map (PosMap), a central component in modern ORAM algorithms. Implemented naively, the PosMap causes ORAM to be fundamentally unscalable in terms of on-chip area. On the other hand, a technique called Recursive ORAM fixes the area problem yet significantly increases ORAM's performance overhead.
To address this challenge, we propose three new mechanisms. We propose a new ORAM structure called the PosMap Lookaside Buffer (PLB) and PosMap compression techniques to reduce the performance overhead from Recursive ORAM empirically (the latter also improves the construction asymptotically). Through simulation, we show that these techniques reduce the memory bandwidth overhead needed to support recursion by 95%, reduce overall ORAM bandwidth by 37% and improve overall SPEC benchmark performance by 1.27x. We then show how our PosMap compression techniques further facilitate an extremely efficient integrity verification scheme for ORAM which we call PosMap MAC (PMMAC). For a practical parameterization, PMMAC reduces the amount of hashing needed for integrity checking by >= 68x relative to prior schemes and introduces only 7% performance overhead.
We prototype our mechanisms in hardware and report area and clock frequency for a complete ORAM design post-synthesis and post-layout using an ASIC flow in a 32 nm commercial process. With 2 DRAM channels, the design post-layout runs at 1 GHz and has a total area of 0.47 mm². Depending on PLB-specific parameters, the PLB accounts for 10% to 26% of the area. PMMAC costs 12% of total design area. Our work is the first to prototype Recursive ORAM or ORAM with any integrity scheme in hardware.
Funding: Qatar Computing Research Institute (QCRI-CSAIL Partnership); National Science Foundation (U.S.); American Society for Engineering Education, National Defense Science and Engineering Graduate Fellowship