Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Case for Tamper-Resistant and Tamper-Evident Computer Systems Yan Solihin Center for Efficient, Secure and Reliable Computing (CESR)

Published byGwendolyn Leef Modified over 9 years ago

Similar presentations

Presentation on theme: "A Case for Tamper-Resistant and Tamper-Evident Computer Systems Yan Solihin Center for Efficient, Secure and Reliable Computing (CESR)"— Presentation transcript:

1 A Case for Tamper-Resistant and Tamper-Evident Computer Systems Yan Solihin solihin@ncsu.edu Center for Efficient, Secure and Reliable Computing (CESR) Electrical and Computer Engineering North Carolina State University

2 2 Brian RogersEfficient Data Protection for DSMPACT 2006 Motivation Why data protection?  DRM, SW Piracy, Reverse Engineering  Data Theft & Tampering Why architectural mechanisms?  Hardware attacks emerging: Mod-chips, Bus snoopers, keystroke loggers, etc.  SW-only protection vulnerable to HW attacks  SW protects communication between multiple computers, but not within a computer

3 3 Yan Solihin Architecture and Assumptions P L1 L2 Security Boundary SNC Mem. Ctrl. Dir. Memory P L1 L2 Security Boundary SNC Mem. Ctrl. Dir. Memory Interconnect Network I/O

4 4 Yan Solihin Attack Scenarios Scenario 1:attackers have physical access to the systems  Game Consoles  Computers confiscated by enemies  Voting Machines Scenario 2: attackers are trusted users  ATM Fraud  On-demand/Utility Computing Scenario 2 should not be underestimated. 80% of ATM fraud involves employees

5 5 Yan Solihin Why Hardware Protection is Necessary 4GB storage for under $70!  In 1Gbit/sec interconnect, can Record 32 seconds of communication + =

6 6 Yan Solihin Cable Clutter Hides the Snooper Snoops and logs Ethernet Communication Even Data Center or Utility Computing Servers (e.g. HP Superdome)

7 7 Yan Solihin Key Questions How can computer system components (processors, memory, cards, keyboard, monitor) communicate with each other securely but also efficiently? Security Requirements:  Privacy: snooped communication cannot be used to infer data  Tamper-Resistant: altered communication is detected or avoided  Tamper-Evident: attempts to snoop or alter communication are logged  Authenticated: each knows who it’s talking to Efficiency Requirements:  Time and space overheads must be negligible

8 8 Yan Solihin Research Challenges Performance:  Data Communication must not be noticeably delayed by cryptographic process  Cryptographic process should not consume much space overheads Inter-operability  How to communicate with outside world securely?  How to boot the system securely?

9 9 Yan Solihin Our Work in This Area Brian Rogers, Milos Prvulovic and Yan Solihin, Effective Data Protection for Distributed Shared Memory Multiprocessors, PACT 2006. Chenyu Yan, Brian Rogers, Daniel Englender, Yan Solihin and Milos Prvulovic, Improving Cost, Performance, and Security of Memory Encryption and Authentication, ISCA 2006. Other work  Secure heap memory management (ASPLOS 2006)  HeapMon: low-overhead memory safety check (IBM Journal of R&D 2006)

10 10 Yan Solihin Current Approach Security Assumptions:  Assume chip boundary defines the secure boundary  Cryptographic unit integrated into processor chip  Secure storage of keys in the processor chip  Off-chip communication encrypted and authenticated Attack model:  Snooping communication to steal data  Man-in-the-middle attacks to inject, remove, and alter data

11 11 Yan Solihin Gen pad Choice of Encryption Mode Matters Best Case Read Operation Worst Case Read Operation ECB Counter-Mode MissDecrypt Miss XOR Miss (data) Miss (SN) XOR MissDecrypt Decrypt (SN) Gen pad

12 12 Yan Solihin Experimental Setup System Configuration SPLASH-2 applications 16 / 32 / 64 Processors L2 CacheUnified, 256KB, 8-way, 64B line, 10 cycle access Memory200 cycle RT memory latency NetworkHypercube, 50ns link latency CoherenceMESI protocol, Reply-forwarding Proc-proc protectionCntr-mode enc & GCM-based auth, 64b counters AES Engine16-stage pipeline w/ 80 cycle latency

13 13 Yan Solihin DSM Data Protection Overhead Private: performance better than Shared or Cached Cached: good tradeoff between performance, storage, and scalability DSM protection adds only 1% to 3% overhead on average compared to CPU-Mem protection; total overhead is only 6% to 8%

14 14 Yan Solihin Conclusions Hardware Attacks feasible in certain scenarios Secure off-chip communication possible with low overheads There are many remaining challenges

Download ppt "A Case for Tamper-Resistant and Tamper-Evident Computer Systems Yan Solihin Center for Efficient, Secure and Reliable Computing (CESR)"

Similar presentations

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
System Area Network Abhiram Shandilya 12/06/01. Overview Introduction to System Area Networks SAN Design and Examples SAN Applications.

System Area Network Abhiram Shandilya 12/06/01. Overview Introduction to System Area Networks SAN Design and Examples SAN Applications.
Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.
Building Secure, DRM-Enabled Devices Avni Rambhia Program Manager John C. Simmons Program Manager Strategic Relations & Policy Windows Client Division.

Building Secure, DRM-Enabled Devices Avni Rambhia Program Manager John C. Simmons Program Manager Strategic Relations & Policy Windows Client Division.
Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.

Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.
TCPA TCPA TCPA T rusted C omputing P latform A lliance Saurabh Phansalkar.

TCPA TCPA TCPA T rusted C omputing P latform A lliance Saurabh Phansalkar.
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.
1 Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems Georgia Institute of Technology Atlanta,

1 Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems Georgia Institute of Technology Atlanta,
Computer Science HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang North Carolina.

Computer Science HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang North Carolina.
Cache Coherent Distributed Shared Memory. Motivations Small processor count –SMP machines –Single shared memory with multiple processors interconnected.

Cache Coherent Distributed Shared Memory. Motivations Small processor count –SMP machines –Single shared memory with multiple processors interconnected.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Federated Authentication mechanism for mobile services Dasun Weerasinghe, Saritha Arunkumar, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group.

Federated Authentication mechanism for mobile services Dasun Weerasinghe, Saritha Arunkumar, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
IBM RS6000/SP Overview Advanced IBM Unix computers series Multiple different configurations Available from entry level to high-end machines. POWER (1,2,3,4)

IBM RS6000/SP Overview Advanced IBM Unix computers series Multiple different configurations Available from entry level to high-end machines. POWER (1,2,3,4)
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
DISTRIBUTED CONSISTENCY MANAGEMENT IN A SINGLE ADDRESS SPACE DISTRIBUTED OPERATING SYSTEM Sombrero.

DISTRIBUTED CONSISTENCY MANAGEMENT IN A SINGLE ADDRESS SPACE DISTRIBUTED OPERATING SYSTEM Sombrero.
Scaling the Bandwidth Wall: Challenges in and Avenues for CMP Scalability 36th International Symposium on Computer Architecture Brian Rogers †‡, Anil Krishna.

Scaling the Bandwidth Wall: Challenges in and Avenues for CMP Scalability 36th International Symposium on Computer Architecture Brian Rogers †‡, Anil Krishna.
(C) 2002 Milo MartinHPCA, Feb. 2002 Bandwidth Adaptive Snooping Milo M.K. Martin, Daniel J. Sorin Mark D. Hill, and David A. Wood Wisconsin Multifacet.

(C) 2002 Milo MartinHPCA, Feb Bandwidth Adaptive Snooping Milo M.K. Martin, Daniel J. Sorin Mark D. Hill, and David A. Wood Wisconsin Multifacet.

Similar presentations

Ads by Google