MicroProfiler: Principled Side-Channel Mitigation through Microarchitectural Profiling

Preventing information leakage through microarchitectural side channels is notoriously challenging and, as a result, an important research question. Recent work has shown the viability of compiler-assisted instruction balancing for small, embedded processors with deterministic timing behavior. However, even in such small processors, more subtle microarchitectural side channels continue to be discovered, complicating mitigation efforts.

We propose a methodology for augmenting an existing instruction set architecture (ISA) specification with instruction-specific microarchitectural leakage traces obtained through principled microarchitectural profiling. Building on this augmented ISA, it becomes possible to construct software tools to detect and mitigate certain side-channel vulnerabilities. As a case study, we instantiate our methodology on a recently uncovered microarchitectural side channel, which is based on cycle-level timing differences of direct memory access (DMA) requests on 16-bit openMSP430 processors. Using the augmented ISA obtained for this side channel through microarchitectural profiling, we develop practical attack scenarios and extend a state-of-the-art compiler-based mitigation and a binary validation tool, both of which originally targeted a coarser-grained, instruction-granular side channel. Our benchmarks show that our extended compiler mitigation, while still mitigating the instruction-granular leakage, also eliminates the cycle-accurate DMA information leakage without incurring any additional overhead.
