1 Modeling and Analysis of Networked Secure Systems with Application to Trusted Computing Jason Franklin Joint work with Deepak Garg, Dilsun Kaynar, and Anupam Datta

2 Motivation Despite progress in cryptography and security protocols, designing secure systems remains difficult –Network protocols and cryptography rely on secure system assumption Problem: Attackers violate secure system assumption by exploiting system design flaws Solution: Prove security of system designs

3 Motivating Example Client System Network Server System

4 Trusted Computing Question: How do we trust remote servers? Proposed Solution: Ask servers what programs they are running? –Server attests to (vouches for) its running software…

5 I’ll ask what programs they have run! How do I know if I can trust that server? Hey server! What code have you run? Server System Details of Proposed Solution Client System Network Network Protocol Analysis System and Network Protocol Analysis Since I last rebooted, I’ve run 0: Operating System 1: Web Server 2: Shopping Cart Server RequestReply I trust those programs to protect my data!

6 In this talk… Describe Logic of Secure Systems (LS^2) –Modeling system designs –Analysis of system designs Analyze trusted computing protocol Limitations, work in progress, and conclusion

7 Hey server! What code have you run? Server System Modeling Protocols as Programs Client System Network requestReply Client ≡ request := read question; send request; reply := receive; match /reply/trusted/; Server ≡ r := receive; send reply; Since I last rebooted, I’ve run 0: Operating System 1: Web Server 2: Shopping Cart Server I trust those programs to protect my data!

8 Components of Model Explicit Time Encryption Decryption HashSign/Verify Memory Protection Memory Network Comm. Threads Control Flow Key: AddedExisting Hardware Resets Trusted Computing

9 Modeling Details Memory –Read and write named memory locations Example: d := read Mem[x]; Memory Protection –Exclusive write locks Example: lock(Mem[x]); Explicit time –Ordering events Read at time T R, Write at time T W and T R < T W –Expressing invariants Mem[x] contains value V during interval (T R,T W )

10 Server System New Adversary Model Client System Network I can remove, reorder, or replay messages. Standard Network Adversary I can generate messages if I know their components! I’m a malicious local thread! I can write to any unprotected memory location! I can read any memory location! I collude with the network adversary!

11 Overview of Protocol Analysis Analysis Suppose Client code executed then: Server is executing trusted programs Modeling Client ≡ request := read question; send request; reply := receive; match /reply/trusted/;

12 LS^2, what are you good for? Describe Logic of Secure Systems (LS^2) Analyze trusted computing protocol Limitations, work in progress, and conclusion

13 Hey server! What code have you run? Malicious Server System Problems with Trusted Computing Protocol Client System Network request Reply Client ≡ request := read question; send request; reply := receive; match /reply/trusted/; MALICIOUS_Server ≡ r := receive; send “linux”; I trust those programs to protect my data! Since I last rebooted, I’ve run linux. Really, I have! Since I last rebooted, I’ve run malicious code. Mwhahaha!!!!

14 Server System Solution: Trusted Coprocessor Client System Network Trusted Coprocessor

15 Trusted Coprocessor Trusted Computing –Augments platform with trusted co-processor Coprocessor includes: –Crypto. Primitives –Keys –Append-only log Coprocessor Log : AB … Log.append(A); Log.append(B);

16 Server with Coprocessor Booting ≡ 1. append log, os_code; os := read os_code; 2. call os; 3. append log, web_server_code; ws := read web_server_code; 4. call ws; Coprocessor OS Web Server 1. Append 2. Call 4. Call 3. Append Log = os_codeweb_server_code … Server System

17 Client System Coprocessor Vouching for Log Client_Receive ≡ s := receive; verify s, seq(os_code, ws_code), K Signer ≡ _ := receive; w := read log; s := sign w, K; send s Log = os_codews_code … s := SIGN K, (os_code, ws_code)

18 Protocol Analysis Analysis Suppose Client code executed then: Server is executing trusted programs Modeling Client_Receive ≡ s := receive; verify s, seq(os_code, ws_code), K

19 Trusted Computing Analysis T R Call to OS T OS Read T Read No Resets during T R to T Read Begin End Verify T V Suppose that clients’s thread executes code Client_Receive in time interval [Begin, End) then the following properties hold:

20 Anyone See Security Vulnerability? Reset attack possible after read of log T R Call to OS T OS Read T Read No Resets during T R to T Read Begin End Verify T V Server Reset Verification of Stale Data Client believes server can be trusted!

21 Adversaries Attack Assumptions Assumptions: –Client is not running in coprocessor –Coprocessor does not reveal its private key –Coprocessor only executes Signer –Programs in memory are write locked

22 Up next… Describe Logic of Secure Systems (LS^2) –Designed for modeling and analysis of system specifications Use LS^2 to analyze trusted computing protocols –Specify trusted computing protocols –State security properties and security proof –Discuss implications and analysis of proof Limitations, work in progress, and conclusion

23 Limitations and Work In Progress Control flow and context sensitive analysis Composition theorems for modular analysis of complex systems Expanding access control policies Analysis of other trusted computing protocols Modeling layer diagrams Hardware Operating System User Level Programs Layer Diagram

24 Related Work LS^2 is derived from Protocol Composition Logic [Datta05-07] Related work on program correctness: –Concurrent separation logic [Brookes04] –Verification of concurrent systems [TLA, Lamport84, Owicki&Gries76]

25 Conclusion LS^2 is logic for analysis of networked secure systems including local and network adversaries LS^2 models abstract memory protections, time, hardware resets, and security primitives Described formal analysis of trusted computing –Identified reset attack Ongoing work seeks to expand scope of LS^2

26 Take Home Points If you are designing secure systems: –LS^2 enables security analysis of system design before you implement Avoids costly and embarrassing vulnerabilities Clarifies security properties of design Even if you are just using secure systems: –LS^2 can provide stronger guarantees about your security

27 Questions? Theory of Secure Systems Project (ToSS) – Publications and Manuscripts: –D. Garg, J. Franklin, D. Kaynar, A. Datta. “Towards a Theory of Secure Systems” Cylab Technical Report, Feb –D. Garg, J. Franklin, D. Kaynar, A. Datta. “A Logic for Reasoning about Networked Secure Systems.” Under submission to FCS ’08. –J. Franklin, D. Garg, D. Kaynar, A. Datta. “Modeling and Security Analysis of Trusted Computing.” In progress.

28 2