Sanctum : minimal architectural extensions for isolated execution

Intel's Software Guard Extensions (SGX) have captured the attention of security practitioners by promising to secure computation performed on a remote computer where all the privileged software is potentially malicious. Unfortunately, an independent analysis of SGX reveals that it is vulnerable to software attacks, and it can only be used by developers licensed by Intel. Furthermore, significant parts of SGX are undocumented, making it impossible for researchers outside of Intel to reason about some of its security properties. Sanctum offers the same promise as SGX, namely strong, provable isolation of software modules running concurrently and sharing resources, but also protects against an important class of additional software attacks that infer private information from a program's memory access patterns. Sanctum shuns unnecessary complexity, leading to a simpler security analysis. We follow a principled approach of eliminating entire attack surfaces through isolation, rather than plugging attack-specific privacy leaks. Most of Sanctum's logic is implemented in trusted software, which is easier to analyze than SGX's opaque microcode. Our prototype targets a Rocket RISC-V core, an open implementation that allows any researcher to reason about its security properties. Sanctum's extensions can be adapted to other RISC cores, because we do not change any major CPU building block; instead, we add hardware at the interfaces between building blocks, without impacting cycle time. Sanctum demonstrates that strong software isolation is achievable with a surprisingly small set of minimally invasive hardware changes and a very reasonable overhead (assuming a software attack model) that is orders of magnitude less than what is incurred by ORAM-enabled processors. Our modifications cause a 2% area increase to the Rocket core. Over a set of benchmarks, Sanctum's worst observed overhead for isolated execution is 15.1% over an idealized insecure baseline, and 2.7% average overhead over a representative insecure baseline.

Thesis Supervisor: Srinivas Devadas
Title: Edwin Sibley Webster Professor of EECS
