SoK: Hardware Security Support for Trustworthy Execution

In recent years, many new hardware mechanisms for improving the security of our computer systems have emerged. Hardware offers many advantages over pure software approaches: its mechanisms cannot be altered by software attacks, it has better execution and power efficiency, and its smaller interface allows it to better maintain secrets. This has given birth to a plethora of hardware mechanisms providing trusted execution environments (TEEs), support for integrity checking and memory safety, and widespread use of hardware roots of trust. In this paper, we systematize these approaches through the lens of abstraction. Abstraction is key to computing systems, and the interface between hardware and software contains many abstractions. We find that these abstractions, when poorly designed, can both obscure information that is needed for security enforcement and reveal information that needs to be kept secret, leading to vulnerabilities. We summarize such vulnerabilities and discuss several research trends in this area.
