Bluethunder: A 2-level Directional Predictor Based Side-Channel Attack against SGX

Software Guard Extension (SGX) is a hardware-based trusted execution environment (TEE) implemented in recent Intel commodity processors. By isolating the memory of security-critical applications from untrusted software, this mechanism provides users with a strongly shielded environment called enclave for executing programs safely. However, recent studies have demonstrated that SGX enclaves are vulnerable to side-channel attacks. In order to deal with these attacks, several protection techniques have been studied and utilized.In this paper, we explore a new pattern history table (PHT) based side-channel attack against SGX named Bluethunder, which can bypass existing protection techniques and reveal the secret information inside an enclave. Comparing to existing PHT-based attacks (such as Branchscope [ERAG+18]), Bluethunder abuses the 2-level directional predictor in the branch prediction unit, on top of which we develop an exploitation methodology to disclose the input-dependent control flow in an enclave. Since the cost of training the 2-level predictor is pretty low, Bluethunder can achieve a high bandwidth during the attack. We evaluate our attacks on two case studies: extracting the format string information in the vfprintf function in the Intel SGX SDK and attacking the implementation of RSA decryption algorithm in mbed TLS. Both attacks show that Bluethunder can recover fine-grained information inside an enclave with low training overhead, which outperforms the latest PHT-based side channel attack (Branchscope) by 52×. Specifically, in the second attack, Bluethunder can recover the RSA private key with 96.76% accuracy in a single run.

Download Full-text

Cross-VM Branch Prediction Analysis Attack: Scope Assessment and Simulation

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b3553.078219 ◽

2019 ◽

Vol 8 (2) ◽

pp. 4868-4873

Keyword(s):

Cloud Computing ◽

Resource Sharing ◽

Cloud Security ◽

Branch Prediction ◽

Side Channel ◽

Shared Resource ◽

Prediction Analysis ◽

Private Key ◽

Cryptographic Algorithm ◽

Primary Focus

Growing scope of cloud computing has made cloud security a challenging parameter. Among all the security parameters, virtualization security requires primary focus as it hides internal resource sharing details of the system. Side Channel Attack (SCA) is an attack that exploits the shared resource for extracting the private key of a cryptographic algorithm. Considering the significance of virtualization security, we need to analyze the SCA in a virtualization environment. In this paper, we target the Branch Prediction Analysis (BPA) Attack, one type of SCA. We have carried out an analysis to verify the scope of various BPA attack launching methods in virtualization environment along with the simulation. We have also analyzed the scope of existing solutions handling BPA attack.

Download Full-text

Fine-grained access control based on Trusted Execution Environment

Future Generation Computer Systems ◽

10.1016/j.future.2018.05.062 ◽

2020 ◽

Vol 109 ◽

pp. 551-561 ◽

Cited By ~ 5

Author(s):

Yongkai Fan ◽

Shengle Liu ◽

Gang Tan ◽

Fei Qiao

Keyword(s):

Access Control ◽

Fine Grained ◽

Execution Environment ◽

Trusted Execution Environment

Download Full-text

On the Security of Practical Mail User Agents against Cache Side-Channel Attacks

Applied Sciences ◽

10.3390/app10113770 ◽

2020 ◽

Vol 10 (11) ◽

pp. 3770

Author(s):

Hodong Kim ◽

Hyundo Yoon ◽

Youngjoo Shin ◽

Junbeom Hur

Keyword(s):

Third Party ◽

Side Channel ◽

Software Components ◽

Side Channel Attack ◽

Side Channel Attacks ◽

User Agent ◽

Root Cause ◽

Private Key ◽

The Third ◽

And Control

Mail user agent (MUA) programs provide an integrated interface for email services. Many MUAs support email encryption functionality to ensure the confidentiality of emails. In practice, they encrypt the content of an email using email encryption standards such as OpenPGP or S/MIME, mostly implemented using GnuPG. Despite their widespread deployment, there has been insufficient research on their software structure and the security dependencies among the software components of MUA programs. In order to understand the security implications of the structures and analyze any possible vulnerabilities of MUA programs, we investigated a number of MUAs that support email encryption. As a result, we found severe vulnerabilities in a number of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause originates from the lack of verification and control over the third-party cryptographic libraries that they adopt. In order to demonstrate this, we implemented a cache side-channel attack on RSA in GnuPG and then conducted an evaluation of the vulnerability of 13 MUAs that support email encryption in Ubuntu 14.04, 16.04 and 18.04. Based on our experiment, we found that 10 of these MUA programs (representing approximately 77% of existing MUA programs) allow the installation of a vulnerable version of GnuPG, even when the latest version of GnuPG, which is secure against most cache side-channel attacks, is in use. In order to substantiate the importance of the vulnerability we discovered, we conducted a FLUSH+RELOAD attack on these MUA programs and demonstrated that the attack restored 92% of the bits of the 2048-bit RSA private key when the recipients read a single encrypted email.

Download Full-text

Privacy-Preserving Genotype Imputation in a Trusted Execution Environment

10.1101/2021.02.02.429428 ◽

2021 ◽

Author(s):

Natnatee Dokmai ◽

Can Kockan ◽

Kaiyuan Zhu ◽

XiaoFeng Wang ◽

S. Cenk Sahinalp ◽

...

Keyword(s):

Large Scale ◽

Genetic Data ◽

Privacy Preserving ◽

Genotype Imputation ◽

Third Party ◽

Side Channel ◽

Data Repositories ◽

Genetics Research ◽

Execution Environment ◽

Trusted Execution Environment

AbstractGenotype imputation is an essential tool in genetics research, whereby missing genotypes are inferred based on a panel of reference genomes to enhance the power of downstream analyses. Recently, public imputation servers have been developed to allow researchers to leverage increasingly large-scale and diverse genetic data repositories for imputation. However, privacy concerns associated with uploading one’s genetic data to a third-party server greatly limit the utility of these services. In this paper, we introduce a practical, secure hardware-based solution for a privacy-preserving imputation service, which keeps the input genomes private from the service provider by processing the data only within a Trusted Execution Environment (TEE) offered by the Intel SGX technology. Our solution features SMac, an efficient, side-channel-resilient imputation algorithm designed for Intel SGX, which employs the hidden Markov model (HMM)-based imputation strategy also utilized by a state-of-the-art imputation software Minimac. SMac achieves imputation accuracies virtually identical to those of Minimac and provides protection against known attacks on SGX while maintaining scalability to large datasets. We additionally show the necessity of our strategies for mitigating side-channel risks by identifying vulnerabilities in existing imputation software and controlling their information exposure. Overall, our work provides a guideline for practical and secure implementation of genetic analysis tools in SGX, representing a step toward privacy-preserving analysis services that can facilitate data sharing and accelerate genetics research.†AvailabilityOur software is available at https://github.com/ndokmai/sgx-genotype-imputation.

Download Full-text

Bypassing Isolated Execution on RISC-V using Side-Channel-Assisted Fault-Injection and Its Countermeasure

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2022.i1.28-68 ◽

2021 ◽

pp. 28-68

Author(s):

Shoei Nashimoto ◽

Daisuke Suzuki ◽

Rei Ueno ◽

Naofumi Homma

Keyword(s):

Real World ◽

Fault Injection ◽

Side Channel ◽

Proof Of Concept ◽

Malicious Software ◽

Memory Protection ◽

Channel Information ◽

Execution Environment ◽

Fault Injection Attack ◽

Trusted Execution Environment

RISC-V is equipped with physical memory protection (PMP) to prevent malicious software from accessing protected memory regions. PMP provides a trusted execution environment (TEE) that isolates secure and insecure applications. In this study, we propose a side-channel-assisted fault-injection attack to bypass isolation based on PMP. The proposed attack scheme involves extracting successful glitch parameters for fault injection from side-channel information under crossdevice conditions. A proof-of-concept TEE compatible with PMP in RISC-V was implemented, and the feasibility and effectiveness of the proposed attack scheme was validated through experiments in TEEs. The results indicate that an attacker can bypass the isolation of the TEE and read data from the protected memory region In addition, we experimentally demonstrate that the proposed attack applies to a real-world TEE, Keystone. Furthermore, we propose a software-based countermeasure that prevents the proposed attack.

Download Full-text

Protecting Security-Sensitive Data Using Program Transformation and Trusted Execution Environment

10.21203/rs.3.rs-462176/v1 ◽

2021 ◽

Author(s):

Anter Abdu Alhag Ali Faree ◽

Yongzhi Wang

Keyword(s):

Program Transformation ◽

Trusted Computing ◽

Control Flow ◽

Public Cloud ◽

Sensitive Data ◽

New Approach ◽

The Public ◽

Trusted Computing Base ◽

Execution Environment ◽

Trusted Execution Environment

Abstract Cloud computing allows clients to upload their sensitive data to the public cloud and perform sensitive computations in those untrusted areas, which drives to possible violations of the confidentiality of client sensitive data. Utilizing Trusted Execution Environments (TEEs) to protect data confidentiality from other software is an effective solution. TEE is supported by different platforms, such as Intel’s Software Guard Extension (SGX). SGX provides a TEE, called an enclave, which can be used to protect the integrity of the code and the confidentiality of data. Some efforts have proposed different solutions in order to isolate the execution of security-sensitive code from the rest of the application. Unlike our previous work, CFHider, a hardware-assisted method that aimed to protect only the confidentiality of control flow of applications, in this study, we develop a new approach for partitioning applications into security-sensitive code to be run in the trusted execution setting and cleartext code to be run in the public cloud setting. Our approach leverages program transformation and TEE to hide security-sensitive data of the code. We describe our proposed solution by combining the partitioning technique, program transformation, and TEEs to protect the execution of security-sensitive data of applications. Some former works have shown that most applications can run in their entirety inside trusted areas such as SGX enclaves, and that leads to a large Trusted Computing Base (TCB). Instead, we analyze three case studies, in which we partition real Java applications and employ the SGX enclave to protect the execution of sensitive statements, therefore reducing the TCB. We also showed the advantages of the proposed solution and demonstrated how the confidentiality of security-sensitive data is protected.

Download Full-text