The Performance Cost of Security

Bowen, Lucy R

01 June 2019

Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon. To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. This suite was run on a series of virtual machines that tested both Ubuntu 16 and Ubuntu 18. These tests investigated the performance change across version updates and the performance impact of CPU core number vs. default microarchitectural mitigations. The testing proved that the performance impact of the microarchitectural mitigations is non-trivial, as the percent difference in performance can be as high as 200%.

Security

Microarchitecture Attack

Cache Attack

Timing Attack

Meltdown

Spectre

Information Security

Risk Analysis

Systems Architecture

Micro-architectural Attacks and Countermeasures

Lu, Shiting

January 2011

Micro-architectural analysis (MA) is a fast evolving area of side-channel cryptanalysis. This new area focuses on the effects of common processor components and their functionalities on the security of software cryptosystems. The main characteristic of micro-architectural attacks, which sets them aside from classical side-channel attacks, is the simple fact that they exploit the micro-architectural behavior of modern computer systems. Attackers could get running information through malicious software, then get some sensitive information through off-line analysis. This kind of attack has the following features: 1.) side channel information are acquired through software measurement on target machine with no need to use sophisticated devices. 2.) non-privilege process could get the running information of the privilege process. 3.) people can mount both a remote attack and local attack. This thesis mainly focuses one kinds of these attacks, data cache based timing attacks(CBTA). First, the main principle of CBTA is introduced, and several kinds of CBTA technique are discussed. Moreover, theoretical model is given under some attacks. Second, various countermeasures are described and their advantages and disadvantages are pointed out. Based on these discussions, the author proposes two anti-attack measures using hardware modification. Aiming at access-driven attacks, a XOR address remapping technique is proposed, which could obfuscate the mapping relationship between cache line and memory block. Aiming at timing-driven attacks, the IPMG mechanism is proposed innovatively. This mechanism could generate cache miss dynamically through observing the historic miss rate. These two mechanisms are realized on the MIPS processor and their effectiveness is verified on the FPGA board. At last, performance penalty and hardware cost are evaluated. The result shows that the proposed solution is effective with very low performance penalty and area cost

Cache attack

AES

countermeasures

side channel

security

Engineering and Technology

Teknik och teknologier

Side-Channel Attacks on Intel SGX: How SGX Amplifies The Power of Cache Attack

Moghimi, Ahmad

27 April 2017

In modern computing environments, hardware resources are commonly shared, and parallel computation is more widely used. Users run their services in parallel on the same hardware and process information with different confidentiality levels every day. Running parallel tasks can cause privacy and security problems if proper isolation is not enforced. Computers need to rely on a trusted root to protect the data from malicious entities. Intel proposed the Software Guard eXtension (SGX) to create a trusted execution environment (TEE) within the processor. SGX allows developers to benefit from the hardware level isolation. SGX relies only on the hardware, and claims runtime protection even if the OS and other software components are malicious. However, SGX disregards any kind of side-channel attacks. Researchers have demonstrated that microarchitectural sidechannels are very effective in thwarting the hardware provided isolation. In scenarios that involve SGX as part of their defense mechanism, system adversaries become important threats, and they are capable of initiating these attacks. This work introduces a new and more powerful cache side-channel attack that provides system adversaries a high resolution channel. The developed attack is able to virtually track all memory accesses of SGX execution with temporal precision. As a proof of concept, we demonstrate our attack to recover cryptographic AES keys from the commonly used implementations including those that were believed to be resistant in previous attack scenarios. Our results show that SGX cannot protect critical data sensitive computations, and efficient AES key recovery is possible in a practical environment. In contrast to previous attacks which require hundreds of measurements, this is the first cache side-channel attack on a real system that can recover AES keys with a minimal number of measurements. We can successfully recover the AES key from T-Table based implementations in a known plaintext and ciphertext scenario with an average of 15 and 7 samples respectively.

key recovery

trusted execution environment

security

cache attack

T-Table

TEE

SGX

cache

side-channel

attack

AES

cryptography

Secure System Virtualization : End-to-End Verification of Memory Isolation

Nemati, Hamed

January 2017

Over the last years, security-kernels have played a promising role in reshaping the landscape of platform security on embedded devices. Security-kernels, such as separation kernels, enable constructing high-assurance mixed-criticality execution platforms on a small TCB, which enforces isolation between components. The reduced TCB  minimizes the system attack surface and facilitates the use of formal methods to ensure the kernel functional correctness and security. In this thesis, we explore various aspects of building a provably secure separation kernel using virtualization technology. We show how the memory management subsystem can be virtualized to enforce isolation of system components. Virtualization is done using direct-paging that enables a guest software to manage its own memory configuration. We demonstrate the soundness of our approach by verifying that the high-level model of the system fulfills the desired security properties. Through refinement, we then propagate these properties (semi-)automatically to the machine-code of the virtualization mechanism. Further, we show how a runtime monitor can be securely deployed alongside a Linux guest on a hypervisor to prevent code injection attacks targeting Linux. The monitor takes advantage of the provided separation to protect itself and to retain a complete view of the guest. Separating components using a low-level software cannot by itself guarantee the system security. Indeed, current processors architecture involves features that can be utilized to violate the isolation of components. We present a new low-noise attack vector constructed by measuring caches effects which is capable of breaching isolation of components and invalidates the verification of a software that has been verified on a memory coherent model. To restore isolation, we provide several countermeasures and propose a methodology to repair the verification by including data-caches in the statement of the top-level security properties of the system. / <p>QC 20170831</p> / PROSPER / HASPOC

Platform Security

Hypervisor

Formal Verification

Theorem Proving

HOL4

Cache attack

Security Monitor

Information Flow

Computer Science

Datavetenskap (datalogi)

Implementation of Cache Attack on Real Information Centric Networking System

Anto Morais, Faustina J.

01 January 2018

Network security is an ongoing major problem in today’s Internet world. Even though there have been simulation studies related to denial of service and cache attacks, studies of attacks on real networks are still lacking in the research. In this thesis, the effects of cache attacks in real information-centric networking systems were investigated. Cache attacks were implemented in real networks with different cache sizes and with Least Recently Used, Random and First In First Out algorithms to fill the caches in each node. The attacker hits the cache with unpopular content, making the user request that the results be fetched from web servers. The cache hit, time taken to get the result, and number of hops to serve the request were calculated with real network traffic. The results of the implementation are provided for different topologies and are compared with the simulation results.

Thesis

University of North Florida

UNF

DoS

DDoS

ICN

Cache

Cache Attack

Caching

Computer and Systems Architecture

Digital Communications and Networking