50 research outputs found
Software Grand Exposure: SGX Cache Attacks Are Practical
Side-channel information leakage is a known limitation of SGX. Researchers
have demonstrated that secret-dependent information can be extracted from
enclave execution through page-fault access patterns. Consequently, various
recent research efforts are actively seeking countermeasures to SGX
side-channel attacks. It is widely assumed that SGX may be vulnerable to other
side channels, such as cache access pattern monitoring, as well. However, prior
to our work, the practicality and the extent of such information leakage was
not studied.
In this paper we demonstrate that cache-based attacks are indeed a serious
threat to the confidentiality of SGX-protected programs. Our goal was to design
an attack that is hard to mitigate using known defenses, and therefore we mount
our attack without interrupting enclave execution. This approach has major
technical challenges, since the existing cache monitoring techniques experience
significant noise if the victim process is not interrupted. We designed and
implemented novel attack techniques to reduce this noise by leveraging the
capabilities of the privileged adversary. Our attacks are able to recover
confidential information from SGX enclaves, which we illustrate in two example
cases: extraction of an entire RSA-2048 key during RSA decryption, and
detection of specific human genome sequences during genomic indexing. We show
that our attacks are more effective than previous cache attacks and harder to
mitigate than previous SGX side-channel attacks
An Indigenous Perspective on a Period in the History of North America
CLA (Critical Language Analysis) asserts that human language ability involves more than merely reacting to reality. Language use, from a CLA perspective, is about creating realities. When an Ojibwe lady speaks about her life and times in North America, specifically the United States, CLA reveals that she has created a reality, a mixture of positive and negative elements, by her own words
Composite Enclaves: Towards Disaggregated Trusted Execution
The ever-rising computation demand is forcing the move from the CPU to
heterogeneous specialized hardware, which is readily available across modern
datacenters through disaggregated infrastructure. On the other hand, trusted
execution environments (TEEs), one of the most promising recent developments in
hardware security, can only protect code confined in the CPU, limiting TEEs'
potential and applicability to a handful of applications. We observe that the
TEEs' hardware trusted computing base (TCB) is fixed at design time, which in
practice leads to using untrusted software to employ peripherals in TEEs. Based
on this observation, we propose \emph{composite enclaves} with a configurable
hardware and software TCB, allowing enclaves access to multiple computing and
IO resources. Finally, we present two case studies of composite enclaves: i) an
FPGA platform based on RISC-V Keystone connected to emulated peripherals and
sensors, and ii) a large-scale accelerator. These case studies showcase a
flexible but small TCB (2.5 KLoC for IO peripherals and drivers), with a
low-performance overhead (only around 220 additional cycles for a context
switch), thus demonstrating the feasibility of our approach and showing that it
can work with a wide range of specialized hardware
Snappy: Fast On-chain Payments with Practical Collaterals
Permissionless blockchains offer many advantages but also have significant
limitations including high latency. This prevents their use in important
scenarios such as retail payments, where merchants should approve payments
fast. Prior works have attempted to mitigate this problem by moving
transactions off the chain. However, such Layer-2 solutions have their own
problems: payment channels require a separate deposit towards each merchant and
thus significant locked-in funds from customers; payment hubs require very
large operator deposits that depend on the number of customers; and side-chains
require trusted validators.
In this paper, we propose Snappy, a novel solution that enables recipients,
like merchants, to safely accept fast payments. In Snappy, all payments are on
the chain, while small customer collaterals and moderate merchant collaterals
act as payment guarantees. Besides receiving payments, merchants also act as
statekeepers who collectively track and approve incoming payments using
majority voting. In case of a double-spending attack, the victim merchant can
recover lost funds either from the collateral of the malicious customer or a
colluding statekeeper (merchant). Snappy overcomes the main problems of
previous solutions: a single customer collateral can be used to shop with many
merchants; merchant collaterals are independent of the number of customers; and
validators do not have to be trusted. Our Ethereum prototype shows that safe,
fast (<2 seconds) and cheap payments are possible on existing blockchains.Comment: Network and Distributed Systems Security (NDSS) Symposium 2020, 23-26
February 2020, San Diego, CA, US
Censorship-Resilient and Confidential Collateralized Second-Layer Payments
Permissionless blockchains are too slow for applications like
point-of-sale payments. While several techniques have been proposed to
speed up blockchain payments, none of them are satisfactory for application
scenarios like retail shopping. In particular, existing solutions like
payment channels require users to lock up significant funds and schemes
based on pre-defined validators enable easy transaction censoring. In this
paper, we develop Quicksilver, the first blockchain payment scheme that
works with practical collaterals and is fast, censorship-resilient, and confidential
at the same time.We implement Quicksilver for EVM-compatible
chains and show that censoring-resilient payments are fast and affordable
on currently popular blockchains platforms like Ethereum and Polygon
Detecting Mobile Application Spoofing Attacks by Leveraging User Visual Similarity Perception
Mobile application spoofing is an attack where a malicious mobile application
mimics the visual appearance of another one. If such an attack is successful,
the integrity of what the user sees as well as the confidentiality of what she
inputs into the system can be violated by the adversary. A common example of
mobile application spoofing is a phishing attack where the adversary tricks the
user into revealing her password to a malicious application that resembles the
legitimate one.
In this work, we propose a novel approach for addressing mobile application
spoofing attacks by leveraging the visual similarity of application screens. We
use deception rate as a novel metric for measuring how many users would confuse
a spoofing application for the genuine one. We conducted a large-scale online
study where participants evaluated spoofing samples of popular mobile
applications. We used the study results to design and implement a prototype
spoofing detection system, tailored to the estimation of deception rate for
mobile application login screens