Secure Processing On-Chip

Slides:

Advertisements

Similar presentations

Hardware Assisted Control Flow Obfuscation for Embedded Processors Xiaotong Zhuang Tao Zhang Hsien-Hsin (Sean) Lee Santosh Pande Georgia Institute of Technology.

Advertisements

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

Information Security and Cloud Computing Naresh K. Sehgal, Sohum Sohoni, Ying Xiong, David Fritz, Wira Mulia, and John M. Acken 1 NKS.

Physical Unclonable Functions and Applications

Implementing an Untrusted Operating System on Trusted Hardware.

Jeff Bilger - CSE P 590TU - Winter 2006 The Role of Cryptography in Combating Software Piracy.

Building Secure, DRM-Enabled Devices Avni Rambhia Program Manager John C. Simmons Program Manager Strategic Relations & Policy Windows Client Division.

Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.

1 Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems Georgia Institute of Technology Atlanta,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 21 “Public-Key Cryptography.

Secure Embedded Processing through Hardware-assisted Run-time Monitoring Zubin Kumar.

1 Towards the Issues in Architectural Support for Protection of Software Execution Weidong Shi Hsien-Hsin (Sean) Lee Mrinmoy Ghosh Chenghuai Lu School.

A Novel Cache Architecture with Enhanced Performance and Security Zhenghong Wang and Ruby B. Lee.

Kenichi Kourai (Kyushu Institute of Technology) Takuya Nagata (Kyushu Institute of Technology) A Secure Framework for Monitoring Operating Systems Using.

Architecture for Protecting Critical Secrets in Microprocessors Ruby Lee Peter Kwan Patrick McGregor Jeffrey Dwoskin Zhenghong Wang Princeton Architecture.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.

Flow of presentation:  Kind of attacks on embedded systems.  Most relevant security threats faced by NOC.  Solutions/ways suggested so far to deal.

Hardware Assisted Control Flow Obfuscation for Embedded Processors Xiaoton Zhuang, Tao Zhang, Hsien-Hsin S. Lee, Santosh Pande HIDE: An Infrastructure.

CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.

COMPUTER SECURITY MIDTERM REVIEW CS161 University of California BerkeleyApril 4, 2012.

Public-Key Encryption

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3.

Azam Supervisor : Prof. Raj Jain

Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code Jeff Seibert, Hamed Okhravi, and Eric Söderström Presented.

Multilevel Caches Microprocessors are getting faster and including a small high speed cache on the same chip.

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

Exploiting Instruction Streams To Prevent Intrusion Milena Milenkovic.

Creating Security using Software and Hardware Bradley Herrup CS297- Security and Programming Languages.

Presentation subtitle: 20pt Arial Regular, green R223 | G255 | B102 Recommended maximum length: 2 lines Confidentiality/date line: 13pt Arial Regular,

Authentication Control Point and Its Implications For Secure Processor Design Weidong ShiMotorola Labs Hsien-Hsin S. LeeGeorgia Tech.

Architecture Support for Secure Computing Mikel Bezdek Chun Yee Yu CprE 585 Survey Project 12/10/04.

A Framework For Trusted Instruction Execution Via Basic Block Signature Verification Milena Milenković, Aleksandar Milenković, and Emil Jovanov Electrical.

@Yuan Xue 285: Network Security CS 285 Network Security Digital Signature Yuan Xue Fall 2012.

Compilers and Security

Web Applications Security Cryptography 1

Hardware-rooted Trust for Secure Key Management & Transient Trust

Programmable Hardware: Hardware or Software?

Trusted Computing and the Trusted Platform Module

Prof. Hsien-Hsin Sean Lee

Memory COMPUTER ARCHITECTURE

Home: Tel: , H.P.: Office: 공) 7710A

Chapter 1: A Tour of Computer Systems

Cryptographic Hash Function

Trusted Computing and the Trusted Platform Module

Outline What does the OS protect? Authentication for operating systems

Hardware Cryptographic Coprocessor

Outline What does the OS protect? Authentication for operating systems

Bruhadeshwar Meltdown Bruhadeshwar

RANDOM FILL CACHE ARCHITECTURE

TERRA Authored by: Garfinkel, Pfaff, Chow, Rosenblum, and Boneh

Network Security (contd.)

AEGIS: Secure Processor for Certified Execution

Protect Your Hardware from Hacking and Theft

User-mode Secret Protection (SP) architecture

Hardware Security – Highlevel Survey Review for Exam 4

CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors

Sai Krishna Deepak Maram, CS 6410

Reverse engineering through full system simulations

Physical Unclonable Functions and Applications

Intel Active Management Technology

Shielding applications from an untrusted cloud with Haven

TPM, UEFI, Trusted Boot, Secure Boot

Bruce Maggs (with some slides from Bryan Parno)

Bruce Maggs (with some slides from Bryan Parno)

University of Illinois at Urbana-Champaign

Presentation transcript:

Secure Processing On-Chip Hsien-Hsin “Sean” Lee School of Electrical and Computer Engineering Georgia Tech Atlanta, GA ARO Workshop on Embedded Systems and Network Security Raleigh, NC, February 22, 2007

Layered Secure Architecture Exploits Solution Application software patching/amputation, de-compilation, worm, virus application signing, access control, … OS rootkit, system call tampering kernel space eavesdrop OS signing, virtualization, … Firmware/ Boot image BIOS spoof/hijack,boot image virus TPM Platform Level chip interconnect/bus snoop, eavesdrop, device spoof secure processor, memory encryption Sub Platform Power, EM emission analysis timing analysis, etc self-timed circuit, obfuscation techniques Package & Circuit Level de-packaging, micro-probing, optical reverse engineer secure packaging, private circuit

Secure Processor Assumption Protected Domain Processor Core

Thread Model: Physical Tampering Protected Domain Processor Core DRAM Ethernet Mouse Keyboard Disk South Bridge North Bridge

Secure Processors Secure Processor Tamper-proof distributed computing (trusted end-system) Secure Processor Anti reverse engineering Processor Core Root Signature Caches MAC hash tree Crypto Engine Secure Processor Tamper-proof embedded sensor device Tamper-proof digital right protection

Types of HW-based Physical Attacks Trace system bus, peripheral bus Power/Timing analysis Build fake devices, device spoof (e.g., MOD-chip) Modify RAM Replay bus signals, fake bus signal injection XBOX with MOD-chip installed. MOD-chip is a low cost bus snoop and spoof device widely used to break XBOX security.

Designing Secure Processors HW-based Encryption/Authentication A common strategy to protect data confidentiality and integrity Performance, performance, performance Deficiencies ─ Side Channels Power (or current) signature Execution time distinction Instruction addresses on the bus (unprotected control flow) Potential Solutions Randomization To be effective, rethink HW design, raise the level of difficulty to break Design trade-off between power saving () execution time, RT constraint () security level ()

Control Flow Leakage  Example 1 Assume all code are encrypted Control Flow Graph Address Sequence B1 B2 B3

Control Flow Leakage  Example 1 Control Flow Graph Address Sequence B1 Addr(B1) B2 B3

Control Flow Leakage  Example 1 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2) B2 B3

Control Flow Leakage  Example 1 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B3) B2 B3

Control Flow Leakage  Example 1 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B3) Addr(B1) B2 B3

Control Flow Leakage  Example 1 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B3) Addr(B1), Addr(B2) B2 B3

Control Flow Leakage  Example 1 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B3) Addr(B1), Addr(B2), Addr(B3)…. B2 B3

Control Flow Leakage  Example 1 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B3) Addr(B1), Addr(B2), Addr(B3)…. B2 B3 repeated addresses loop

Control Flow Leakage  Example 2 Control Flow Graph Address Sequence B1 Addr(B1) B2 B3 B4

Control Flow Leakage  Example 2 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2) B2 B3 B4

Control Flow Leakage  Example 2 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B4) B2 B3 B4

Control Flow Leakage  Example 2 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B4) Addr(B1) B2 B3 B4

Control Flow Leakage  Example 2 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B4) Addr(B1), Addr(B3) B2 B3 B4

Control Flow Leakage  Example 2 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B4) Addr(B1), Addr(B3), Addr(B4)…. B2 B3 B4

Control Flow Leakage  Example 2 Control Flow Graph Address Sequence B1 Addr(B1), Addr(B2), Addr(B4) Addr(B1), Addr(B3), Addr(B4)…. B2 B3 B4 either B2 or B3 follows B1 conditional branch

Critical Data Leakage via Value-Dependent Conditional Branches Modular Exponentiation Algorithm (Diffie-Hellman, RSA) Initialize Let S0 = 1 For i = 0 to w-1 Do If (bit i of k) is 1 then Let Ti = (Si*C) mod N Else Let Ti = Si Let Si+1 = T2i mod N EndFor Return (Rw-1) i=0 to w-1 bit i of k = 1? Y N If-branch Else-branch Loop End T = Ck mod N Return Hacker’s interest : to find K (the secret) Only 2 possibilities: key K or K

Consequences of Control Flow Side-channel Leak critical information of the application By graph matching the CFG, reused code can be ID-ed Critical data can be leaked as well Even partial knowledge can help competitors

Side-Channel Countermeasure Randomization Design trade-off between power saving execution time (RT constraint) security level

Solution Example: Dynamic Control Flow Obfuscation A Hardware Approach To map address differently every time it appears on the bus Relocate blocks to new location each time it is evicted from the processor Should not write out immediately after access to avoid correlation being exposed Refer to section 4.4

Dynamic Obfuscation Example Security Boundary accesses shuffle buffer memory 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 Start—after fill up the buffer 5 1 3 4 2 6 7 8 9 Random Replacement Algorithm

Dynamic Obfuscation Example accesses shuffle buffer memory 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 Start—after fill up the buffer 5 1 3 4 2 6 7 8 9 Shuffle buffer Memory Addr1 map(Addr1) Addr2 map(Addr2) Addr3 map(Addr3) AddrX map(AddrX) Block Address Table

Dynamic Obfuscation Example accesses shuffle buffer memory 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 Start—after fill up the buffer 5 1 3 4 2 6 7 8 9 8 5 3 4 2 6 7 1 9 6 8 3 4 2 5 7 1 9 8 6 3 4 2 5 7 1 9 finish 8 6 3 4 2 5 7 1 9 Addr1 map(Addr1) Addr2 map(Addr2) Addr3 map(Addr3) AddrX map(AddrX) Block Address Table

Challenges in Embedded Design From a processor architect’s perspective How to design a tamper-proof embedded processor Software solutions may be slow and limited Encryption/decryption A natural given But is insufficient due to side-channel attacks Need to educate next-gen processor designers Need a well-thought-out Security-aware hardware design

Challenges in Embedded Design Physical Tampering Tamper-resistance and tamper-evidence Side-channel attacks Digital Right Management Protect Virtual properties with encryption and right licenses Need a DRM-enabled graphics processor Implications on FPGA platform Use FPGA for cryptographic algorithms Protect FPGA-based IP Vulnerabilities yet to be understood

Thank You! http://arch.ece.gatech.edu