SlideShare a Scribd company logo

EncExec: Secure In-Cache Execution

Yue Chen
Yue Chen

EncExec A cold boot attack is a powerful physical attack that can dump the memory of a computer system and extract sensitive data from it. Previous defenses focus on storing cryptographic keys off the memory in the limited storage “borrowed” from hardware chips. In this paper, we propose EncExec, a practical and effective defense against cold boot attacks. EncExec has two key techniques: spatial cache reservation and secure in-cache execution. The former overcomes the challenge that x86 processors lack a fine-grained cache control by reserving a small block of the CPU’s level-3 cache exclusively for use by EncExec; the latter leverages the reserved cache to enable split views of the protected data: the data stored in the physical memory is always encrypted, and the plaintext view of the data is strictly confined to the reserved cache. Consequently, a cold boot attack can only obtain the encrypted form of the data. We have built a prototype of EncExec for the FreeBSD system. The evaluation demonstrates that EncExec is a practical and effective defense against cold boot attacks.

Software
1 of 35
Download to read offline
Secure In-Cache Execution Yue Chen, Mustakimur Khandaker, Zhi Wang Florida State University 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2017)
Cold Boot Attack • Dump memory by freezing and transplanting​ • Steal sensitive information
Cold Boot Attack • Sensitive memory content in plaintext Memory “Secret Message”
Cold Boot Attack • Sensitive memory content in plaintext Memory “Secret Message” “Secret Message”
Our Solution • Sensitive memory content cannot be read with encryption Memory “XXXXXXXXXXXX”
Our Solution • Sensitive memory content cannot be read with encryption Memory “XXXXXXXXXXXX” ? ? ?
EncExec: Design Goals • Data secrecy – Plaintext view only in cache; key protected as well • Performance isolation – Performance impact isolated from other processes • Application transparency – User program unmodified to run under EncExec
Threat Model • Able to perform cold boot attacks • No malware installed (e.g., kernel rootkit) • Typical use scenario: – Laptops lost in public places, even protected by encrypted hard disks and screen locks
Design Overview • Data in memory always encrypted; decrypted into the L3 cache only when accessed • Use reserved cache as a window over protected data – Use L3 (instead of L1 or L2) cache to minimize performance impact
Design Overview • Decrypted data will never be evicted to memory (no cache conflict) – Extend kernel’s virtual memory management to strictly control access – Only data in the window are mapped in the address space – If more data than window size -> page replacement
Design Overview Two modes: 1. Given a block of secure memory for storing critical data – Need to (slightly) modify the program 2. Use reserved cache to protect all the data of the process – Use the reserved cache as a moving window
Design: Key Techniques • Spatial cache reservation – Reserves a small part of the L3 cache for its use • Secure in-cache execution – Data encrypted in memory, plaintext view only in cache
CPU Cache Intel Core i7 4790 cache architecture
CPU Cache 2-way set-associative cache, 8 cache lines in 4 sets. Each cache line has 16 bytes.
Challenges: Spatial Cache Reservation • Fine-grained cache control – x86 transparently manages cache assignment and replacement • Countermeasures: – Rule 1 • Protected data are only cached by the reserved cache • No other memory is cached by the reserved cache – Rule 2: • Accessible (decrypted) protected data is less than the reserved cache size – Thus, reserved cache content will not be evicted
Design: Spatial Cache Reservation • Use page table to control reserved memory usage • Page table can only map page-sized and page-aligned memory • Reserve at least a whole page on the L3 cache • Reserve a smallest page of the cache (4KB) – How much space in total we need to reserve?
Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2
Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2 : Needs to be reserved
Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2 : Needs to be reserved
Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2 : Needs to be reserved
Example: Spatial Cache Reservation • Intel Core-i7 4790 L3 cache – 16-way set-associative; physically indexed and physically tagged – Cache line size: 64 bytes = 26 bytes (offset field: 6 bits) – Cache size: 8 MB • Set number: 8M/(64*16) = 8192 = 213 (set field: 13 bits) • If machine has 16GB (234) of physical memory, tag field has 15 bits (34 – 6 - 13 = 15).
Example: Spatial Cache Reservation • Reserve one page (4KB) • 64 cache lines in one page – Page_size/cache_line_size = 4K/64 = 64 • Need to reserve 64 cache sets – All the cache lines in the same set reserved together (16-way) • Reserve 64KB cache in total – 64 (set number) * 16 (associativity ways) * 64B (cache line size) = 64KB
Example: Spatial Cache Reservation • Reserve 1/128 of the physical memory – 64 (reserved sets) / 8192 (total) = 1/128 • Reserve one physical page for every 128 pages • If RAM is 16GB, the total reserved memory is: – 16GB * 1/128 = 128MB • Ensure no cache eviction: – Can use 64KB (16 pages) at a time of the 128MB – Name these 16 pages as plaintext pages – Protected data can be larger than 64KB as we use demand paging
Design: Secure In-Cache Execution Desynchronize memory (encrypted) and cache (plaintext) • Cache in write-back mode – Guaranteed by hardware and existing kernels (in most OS’es) • L3 cache is inclusive of L1 and L2 caches – Guaranteed by hardware and existing kernels • No conflict in the reserved cache – No more protected data at a time than the reserved cache size
Design: Secure In-Cache Execution More data to protect? • Demand paging – Access unmapped data -> page fault – Allocate a plaintext page (for securing data) – If no page available, select one for replacement • Encrypt the plaintext page, copy it back • Decrypt faulting page into plaintext, update page table if necessary
Design: Secure In-Cache Execution • Dedicate one plaintext page to store keys and sub-keys – Cannot be evicted or replaced • Frequent protected data encryption/decryption – Use CPU built-in support to speed up cryptographic algorithms
Implementation: Spatial Cache Reservation • Reserve physical pages in the booting process – Modify allocators to skip reserved pages • Make sure no reserved pages exist in page table • Hook run-time page allocator and kernel’s whole-cache flushing function
Implementation: Secure In-Cache Execution • pmap is used to unmap a page – Consist of architecture-specific data and functions to manage the process’ page table – Maintain a reverse mapping for physical pages – Track page usage information for page replacement • Remove shared protected pages from other processes
Performance Evaluation • Use the hardware-accelerated AES (AES-NI) to encrypt and decrypt data • About 3μs on average to encrypt/decrypt 4KB data using 128- bit AES algorithm – 6μs to replace an existing page
Performance Evaluation Overhead of common cryptographic algorithms Mode 1: Choose data to encrypt Mode 2: Encrypt all the data Test with 15 or 31 plaintext pages
Performance Evaluation Overhead of RSA and DH handshakes Mode 1: Choose data to encrypt Mode 2: Encrypt all the data Test with 15 or 31 plaintext pages
Performance Evaluation Performance of Bonnie while concurrently running the mbed TLS benchmark. The unit on the Y-axis is MB/sec or thousand_seeks/sec (for RandomSeeks only).
Secure In-Cache Execution www.YueChen.me Q & A
Backup Slides
Compared to Intel SGX • SGX is great! • EncExec – Works on old CPUs – No time-consuming context switch – Supports unmodified programs

Recommended

[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...
[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...
[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...
PingCAP
 
Apache tajo configuration
Apache tajo configurationApache tajo configuration
Apache tajo configuration
Jihoon Son
 
Tajo case study bay area hug 20131105
Tajo case study bay area hug 20131105Tajo case study bay area hug 20131105
Tajo case study bay area hug 20131105
Gruter
 
Mongo nyc nyt + mongodb
Mongo nyc nyt + mongodbMongo nyc nyt + mongodb
Mongo nyc nyt + mongodb
Deep Kapadia
 
STOR2RRD presentation from Common CZ/SK 2015
STOR2RRD presentation from Common CZ/SK 2015STOR2RRD presentation from Common CZ/SK 2015
STOR2RRD presentation from Common CZ/SK 2015
Pavel Hampl
 
OpenTSDB: HBaseCon2017
OpenTSDB: HBaseCon2017OpenTSDB: HBaseCon2017
OpenTSDB: HBaseCon2017
HBaseCon
 
In-core compression: how to shrink your database size in several times
In-core compression: how to shrink your database size in several timesIn-core compression: how to shrink your database size in several times
In-core compression: how to shrink your database size in several times
Aleksander Alekseev
 
Optimizing columnar stores
Optimizing columnar storesOptimizing columnar stores
Optimizing columnar stores
Istvan Szukacs
 

Recommended

[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...
[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...
[Paper Reading] Efficient Query Processing with Optimistically Compressed Has...
PingCAP
 
Apache tajo configuration
Apache tajo configurationApache tajo configuration
Apache tajo configuration
Jihoon Son
 
Tajo case study bay area hug 20131105
Tajo case study bay area hug 20131105Tajo case study bay area hug 20131105
Tajo case study bay area hug 20131105
Gruter
 
Mongo nyc nyt + mongodb
Mongo nyc nyt + mongodbMongo nyc nyt + mongodb
Mongo nyc nyt + mongodb
Deep Kapadia
 
STOR2RRD presentation from Common CZ/SK 2015
STOR2RRD presentation from Common CZ/SK 2015STOR2RRD presentation from Common CZ/SK 2015
STOR2RRD presentation from Common CZ/SK 2015
Pavel Hampl
 
OpenTSDB: HBaseCon2017
OpenTSDB: HBaseCon2017OpenTSDB: HBaseCon2017
OpenTSDB: HBaseCon2017
HBaseCon
 
In-core compression: how to shrink your database size in several times
In-core compression: how to shrink your database size in several timesIn-core compression: how to shrink your database size in several times
In-core compression: how to shrink your database size in several times
Aleksander Alekseev
 
Optimizing columnar stores
Optimizing columnar storesOptimizing columnar stores
Optimizing columnar stores
Istvan Szukacs
 
InfiniFlux Minmax Cache
InfiniFlux Minmax CacheInfiniFlux Minmax Cache
InfiniFlux Minmax Cache
InfiniFlux
 
Java one2015 - Work With Hundreds of Hot Terabytes in JVMs
Java one2015 - Work With Hundreds of Hot Terabytes in JVMsJava one2015 - Work With Hundreds of Hot Terabytes in JVMs
Java one2015 - Work With Hundreds of Hot Terabytes in JVMs
Speedment, Inc.
 
OSMC 2014: Introduction into collectd | Florian Foster
OSMC 2014: Introduction into collectd | Florian FosterOSMC 2014: Introduction into collectd | Florian Foster
OSMC 2014: Introduction into collectd | Florian Foster
NETWAYS
 
Effectively deploying hadoop to the cloud
Effectively deploying hadoop to the cloudEffectively deploying hadoop to the cloud
Effectively deploying hadoop to the cloud
Avinash Ramineni
 
NUMA and Java Databases
NUMA and Java DatabasesNUMA and Java Databases
NUMA and Java Databases
Raghavendra Prabhu
 
OSDC 2012 | Taking hot backups with XtraBackup by Alexey Kopytov
OSDC 2012 | Taking hot backups with XtraBackup by Alexey KopytovOSDC 2012 | Taking hot backups with XtraBackup by Alexey Kopytov
OSDC 2012 | Taking hot backups with XtraBackup by Alexey Kopytov
NETWAYS
 
Mapping
MappingMapping
Mapping
Syed Ali Sherazi
 
Boosting I/O Performance with KVM io_uring
Boosting I/O Performance with KVM io_uringBoosting I/O Performance with KVM io_uring
Boosting I/O Performance with KVM io_uring
ShapeBlue
 
Full Text Search in PostgreSQL
Full Text Search in PostgreSQLFull Text Search in PostgreSQL
Full Text Search in PostgreSQL
Aleksander Alekseev
 
Introduction to Hadoop - FinistJug
Introduction to Hadoop - FinistJugIntroduction to Hadoop - FinistJug
Introduction to Hadoop - FinistJug
David Morin
 
Update on OpenTSDB and AsyncHBase
Update on OpenTSDB and AsyncHBase Update on OpenTSDB and AsyncHBase
Update on OpenTSDB and AsyncHBase
HBaseCon
 
PgconfSV compression
PgconfSV compressionPgconfSV compression
PgconfSV compression
Anastasia Lubennikova
 
Dataframes Showdown (miniConf 2022)
Dataframes Showdown (miniConf 2022)Dataframes Showdown (miniConf 2022)
Dataframes Showdown (miniConf 2022)
8thLight
 
Go and Uber’s time series database m3
Go and Uber’s time series database m3Go and Uber’s time series database m3
Go and Uber’s time series database m3
Rob Skillington
 
NetFlow Data processing using Hadoop and Vertica
NetFlow Data processing using Hadoop and VerticaNetFlow Data processing using Hadoop and Vertica
NetFlow Data processing using Hadoop and Vertica
Josef Niedermeier
 
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр ТитовC++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
corehard_by
 
Tuning Apache Phoenix/HBase
Tuning Apache Phoenix/HBaseTuning Apache Phoenix/HBase
Tuning Apache Phoenix/HBase
Anil Gupta
 
Falando de MySQL
Falando de MySQLFalando de MySQL
Falando de MySQL
Márcio Junior
 
Mongo db cluster administration and Shredded Databases
Mongo db cluster administration and Shredded DatabasesMongo db cluster administration and Shredded Databases
Mongo db cluster administration and Shredded Databases
Abhinav Jha
 
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
Tomas Vondra
 
cache memory management
cache memory managementcache memory management
cache memory management
VELAMMAL INSTITUTE OF TECHNOLOGY
 
It322 intro 2
It322 intro 2It322 intro 2
It322 intro 2
J Cza Àkera
 

More Related Content

What's hot

Java one2015 - Work With Hundreds of Hot Terabytes in JVMs
Java one2015 - Work With Hundreds of Hot Terabytes in JVMsJava one2015 - Work With Hundreds of Hot Terabytes in JVMs
Java one2015 - Work With Hundreds of Hot Terabytes in JVMs
Speedment, Inc.
 
OSMC 2014: Introduction into collectd | Florian Foster
OSMC 2014: Introduction into collectd | Florian FosterOSMC 2014: Introduction into collectd | Florian Foster
OSMC 2014: Introduction into collectd | Florian Foster
NETWAYS
 
Boosting I/O Performance with KVM io_uring
Boosting I/O Performance with KVM io_uringBoosting I/O Performance with KVM io_uring
Boosting I/O Performance with KVM io_uring
ShapeBlue
 
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр ТитовC++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
corehard_by
 

What's hot (20)

InfiniFlux Minmax Cache
InfiniFlux Minmax CacheInfiniFlux Minmax Cache
InfiniFlux Minmax Cache
 
Java one2015 - Work With Hundreds of Hot Terabytes in JVMs
Java one2015 - Work With Hundreds of Hot Terabytes in JVMsJava one2015 - Work With Hundreds of Hot Terabytes in JVMs
Java one2015 - Work With Hundreds of Hot Terabytes in JVMs
 
OSMC 2014: Introduction into collectd | Florian Foster
OSMC 2014: Introduction into collectd | Florian FosterOSMC 2014: Introduction into collectd | Florian Foster
OSMC 2014: Introduction into collectd | Florian Foster
 
Effectively deploying hadoop to the cloud
Effectively deploying hadoop to the cloudEffectively deploying hadoop to the cloud
Effectively deploying hadoop to the cloud
 
NUMA and Java Databases
NUMA and Java DatabasesNUMA and Java Databases
NUMA and Java Databases
 
OSDC 2012 | Taking hot backups with XtraBackup by Alexey Kopytov
OSDC 2012 | Taking hot backups with XtraBackup by Alexey KopytovOSDC 2012 | Taking hot backups with XtraBackup by Alexey Kopytov
OSDC 2012 | Taking hot backups with XtraBackup by Alexey Kopytov
 
Mapping
MappingMapping
Mapping
 
Boosting I/O Performance with KVM io_uring
Boosting I/O Performance with KVM io_uringBoosting I/O Performance with KVM io_uring
Boosting I/O Performance with KVM io_uring
 
Full Text Search in PostgreSQL
Full Text Search in PostgreSQLFull Text Search in PostgreSQL
Full Text Search in PostgreSQL
 
Introduction to Hadoop - FinistJug
Introduction to Hadoop - FinistJugIntroduction to Hadoop - FinistJug
Introduction to Hadoop - FinistJug
 
Update on OpenTSDB and AsyncHBase
Update on OpenTSDB and AsyncHBase Update on OpenTSDB and AsyncHBase
Update on OpenTSDB and AsyncHBase
 
PgconfSV compression
PgconfSV compressionPgconfSV compression
PgconfSV compression
 
Dataframes Showdown (miniConf 2022)
Dataframes Showdown (miniConf 2022)Dataframes Showdown (miniConf 2022)
Dataframes Showdown (miniConf 2022)
 
Go and Uber’s time series database m3
Go and Uber’s time series database m3Go and Uber’s time series database m3
Go and Uber’s time series database m3
 
NetFlow Data processing using Hadoop and Vertica
NetFlow Data processing using Hadoop and VerticaNetFlow Data processing using Hadoop and Vertica
NetFlow Data processing using Hadoop and Vertica
 
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр ТитовC++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
C++ CoreHard Autumn 2018. Знай свое "железо": иерархия памяти - Александр Титов
 
Tuning Apache Phoenix/HBase
Tuning Apache Phoenix/HBaseTuning Apache Phoenix/HBase
Tuning Apache Phoenix/HBase
 
Falando de MySQL
Falando de MySQLFalando de MySQL
Falando de MySQL
 
Mongo db cluster administration and Shredded Databases
Mongo db cluster administration and Shredded DatabasesMongo db cluster administration and Shredded Databases
Mongo db cluster administration and Shredded Databases
 
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
PostgreSQL na EXT4, XFS, BTRFS a ZFS / FOSDEM PgDay 2016
 

Similar to EncExec: Secure In-Cache Execution

cachegrand: A Take on High Performance Caching
cachegrand: A Take on High Performance Cachingcachegrand: A Take on High Performance Caching
cachegrand: A Take on High Performance Caching
ScyllaDB
 
Computer Memory Hierarchy Computer Architecture
Computer Memory Hierarchy Computer ArchitectureComputer Memory Hierarchy Computer Architecture
Computer Memory Hierarchy Computer Architecture
Haris456
 
Memory_Unit Cache Main Virtual Associative
Memory_Unit Cache Main Virtual AssociativeMemory_Unit Cache Main Virtual Associative
Memory_Unit Cache Main Virtual Associative
RNShukla7
 

Similar to EncExec: Secure In-Cache Execution (20)

cache memory management
cache memory managementcache memory management
cache memory management
 
It322 intro 2
It322 intro 2It322 intro 2
It322 intro 2
 
cachegrand: A Take on High Performance Caching
cachegrand: A Take on High Performance Cachingcachegrand: A Take on High Performance Caching
cachegrand: A Take on High Performance Caching
 
Computer Memory Hierarchy Computer Architecture
Computer Memory Hierarchy Computer ArchitectureComputer Memory Hierarchy Computer Architecture
Computer Memory Hierarchy Computer Architecture
 
1083 wang
1083 wang1083 wang
1083 wang
 
SHARE Virtual Flash Memory VFM VSM_04-17-19.pdf
SHARE Virtual Flash Memory VFM VSM_04-17-19.pdfSHARE Virtual Flash Memory VFM VSM_04-17-19.pdf
SHARE Virtual Flash Memory VFM VSM_04-17-19.pdf
 
Memory (Computer Organization)
Memory (Computer Organization)Memory (Computer Organization)
Memory (Computer Organization)
 
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen Storage
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen StoragePros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen Storage
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen Storage
 
Memory_Unit Cache Main Virtual Associative
Memory_Unit Cache Main Virtual AssociativeMemory_Unit Cache Main Virtual Associative
Memory_Unit Cache Main Virtual Associative
 
Memory Hierarchy PPT of Computer Organization
Memory Hierarchy PPT of Computer OrganizationMemory Hierarchy PPT of Computer Organization
Memory Hierarchy PPT of Computer Organization
 
Oracle real application_cluster
Oracle real application_clusterOracle real application_cluster
Oracle real application_cluster
 
In-memory Data Management Trends & Techniques
In-memory Data Management Trends & TechniquesIn-memory Data Management Trends & Techniques
In-memory Data Management Trends & Techniques
 
Computer System Architecture Lecture Note 8.1 primary Memory
Computer System Architecture Lecture Note 8.1 primary MemoryComputer System Architecture Lecture Note 8.1 primary Memory
Computer System Architecture Lecture Note 8.1 primary Memory
 
Optimizing Latency-sensitive queries for Presto at Facebook: A Collaboration ...
Optimizing Latency-sensitive queries for Presto at Facebook: A Collaboration ...Optimizing Latency-sensitive queries for Presto at Facebook: A Collaboration ...
Optimizing Latency-sensitive queries for Presto at Facebook: A Collaboration ...
 
cache memory
cache memory cache memory
cache memory
 
Memory organisation
Memory organisationMemory organisation
Memory organisation
 
Main Memory
Main MemoryMain Memory
Main Memory
 
Lec10 Computer Architecture by Hsien-Hsin Sean Lee Georgia Tech -- Memory part2
Lec10 Computer Architecture by Hsien-Hsin Sean Lee Georgia Tech -- Memory part2Lec10 Computer Architecture by Hsien-Hsin Sean Lee Georgia Tech -- Memory part2
Lec10 Computer Architecture by Hsien-Hsin Sean Lee Georgia Tech -- Memory part2
 
18CSC205J-UNIT-5.pptx
18CSC205J-UNIT-5.pptx18CSC205J-UNIT-5.pptx
18CSC205J-UNIT-5.pptx
 
Coa presentation3
Coa presentation3Coa presentation3
Coa presentation3
 

More from Yue Chen

Ravel: Pinpointing Vulnerabilities
Ravel: Pinpointing VulnerabilitiesRavel: Pinpointing Vulnerabilities
Ravel: Pinpointing Vulnerabilities
Yue Chen
 
SecPod: A Framework for Virtualization-based Security Systems
SecPod: A Framework for Virtualization-based Security SystemsSecPod: A Framework for Virtualization-based Security Systems
SecPod: A Framework for Virtualization-based Security Systems
Yue Chen
 

More from Yue Chen (10)

KARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live PatchingKARMA: Adaptive Android Kernel Live Patching
KARMA: Adaptive Android Kernel Live Patching
 
Ravel: Pinpointing Vulnerabilities
Ravel: Pinpointing VulnerabilitiesRavel: Pinpointing Vulnerabilities
Ravel: Pinpointing Vulnerabilities
 
Pinpointing Vulnerabilities (Ravel)
Pinpointing Vulnerabilities (Ravel)Pinpointing Vulnerabilities (Ravel)
Pinpointing Vulnerabilities (Ravel)
 
SecPod: A Framework for Virtualization-based Security Systems
SecPod: A Framework for Virtualization-based Security SystemsSecPod: A Framework for Virtualization-based Security Systems
SecPod: A Framework for Virtualization-based Security Systems
 
Remix: On-demand Live Randomization (Fine-grained live ASLR during runtime)
Remix: On-demand Live Randomization (Fine-grained live ASLR during runtime)Remix: On-demand Live Randomization (Fine-grained live ASLR during runtime)
Remix: On-demand Live Randomization (Fine-grained live ASLR during runtime)
 
Impala SQL Support
Impala SQL SupportImpala SQL Support
Impala SQL Support
 
Cloudera Impala Source Code Explanation and Analysis
Cloudera Impala Source Code Explanation and AnalysisCloudera Impala Source Code Explanation and Analysis
Cloudera Impala Source Code Explanation and Analysis
 
Inside Parquet Format
Inside Parquet FormatInside Parquet Format
Inside Parquet Format
 
Inside HDFS Append
Inside HDFS AppendInside HDFS Append
Inside HDFS Append
 
How Impala Works
How Impala WorksHow Impala Works
How Impala Works
 

Recently uploaded

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
Alluxio, Inc.
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...
AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...
AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...
Alluxio, Inc.
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
Tendenci - The Open Source AMS (Association Management Software)
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
Globus
 

Recently uploaded (20)

Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
 
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
 
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...
AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...
AI/ML Infra Meetup | Improve Speed and GPU Utilization for Model Training & S...
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning Framework
 
Breaking the Code : A Guide to WhatsApp Business API.pdf
Breaking the Code : A Guide to WhatsApp Business API.pdfBreaking the Code : A Guide to WhatsApp Business API.pdf
Breaking the Code : A Guide to WhatsApp Business API.pdf
 
Corporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMSCorporate Management | Session 3 of 3 | Tendenci AMS
Corporate Management | Session 3 of 3 | Tendenci AMS
 
De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
 
Designing for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web ServicesDesigning for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web Services
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
 
BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024BoxLang: Review our Visionary Licenses of 2024
BoxLang: Review our Visionary Licenses of 2024
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
 
Studiovity film pre-production and screenwriting software
Studiovity film pre-production and screenwriting softwareStudiovity film pre-production and screenwriting software
Studiovity film pre-production and screenwriting software
 

EncExec: Secure In-Cache Execution

  • 1. Secure In-Cache Execution Yue Chen, Mustakimur Khandaker, Zhi Wang Florida State University 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2017)
  • 2. Cold Boot Attack • Dump memory by freezing and transplanting​ • Steal sensitive information
  • 3. Cold Boot Attack • Sensitive memory content in plaintext Memory “Secret Message”
  • 4. Cold Boot Attack • Sensitive memory content in plaintext Memory “Secret Message” “Secret Message”
  • 5. Our Solution • Sensitive memory content cannot be read with encryption Memory “XXXXXXXXXXXX”
  • 6. Our Solution • Sensitive memory content cannot be read with encryption Memory “XXXXXXXXXXXX” ? ? ?
  • 7. EncExec: Design Goals • Data secrecy – Plaintext view only in cache; key protected as well • Performance isolation – Performance impact isolated from other processes • Application transparency – User program unmodified to run under EncExec
  • 8. Threat Model • Able to perform cold boot attacks • No malware installed (e.g., kernel rootkit) • Typical use scenario: – Laptops lost in public places, even protected by encrypted hard disks and screen locks
  • 9. Design Overview • Data in memory always encrypted; decrypted into the L3 cache only when accessed • Use reserved cache as a window over protected data – Use L3 (instead of L1 or L2) cache to minimize performance impact
  • 10. Design Overview • Decrypted data will never be evicted to memory (no cache conflict) – Extend kernel’s virtual memory management to strictly control access – Only data in the window are mapped in the address space – If more data than window size -> page replacement
  • 11. Design Overview Two modes: 1. Given a block of secure memory for storing critical data – Need to (slightly) modify the program 2. Use reserved cache to protect all the data of the process – Use the reserved cache as a moving window
  • 12. Design: Key Techniques • Spatial cache reservation – Reserves a small part of the L3 cache for its use • Secure in-cache execution – Data encrypted in memory, plaintext view only in cache
  • 13. CPU Cache Intel Core i7 4790 cache architecture
  • 14. CPU Cache 2-way set-associative cache, 8 cache lines in 4 sets. Each cache line has 16 bytes.
  • 15. Challenges: Spatial Cache Reservation • Fine-grained cache control – x86 transparently manages cache assignment and replacement • Countermeasures: – Rule 1 • Protected data are only cached by the reserved cache • No other memory is cached by the reserved cache – Rule 2: • Accessible (decrypted) protected data is less than the reserved cache size – Thus, reserved cache content will not be evicted
  • 16. Design: Spatial Cache Reservation • Use page table to control reserved memory usage • Page table can only map page-sized and page-aligned memory • Reserve at least a whole page on the L3 cache • Reserve a smallest page of the cache (4KB) – How much space in total we need to reserve?
  • 17. Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2
  • 18. Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2 : Needs to be reserved
  • 19. Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2 : Needs to be reserved
  • 20. Design: Spatial Cache Reservation 0400 08 0C 10 14 18 1C 20 24 28 2C 30 34 38 3C *4*0 *8 *C 40 44 48 4C Cache Memory *0 *4 *8 *C Set 0 Set 1 Set 3Set 2 : Needs to be reserved
  • 21. Example: Spatial Cache Reservation • Intel Core-i7 4790 L3 cache – 16-way set-associative; physically indexed and physically tagged – Cache line size: 64 bytes = 26 bytes (offset field: 6 bits) – Cache size: 8 MB • Set number: 8M/(64*16) = 8192 = 213 (set field: 13 bits) • If machine has 16GB (234) of physical memory, tag field has 15 bits (34 – 6 - 13 = 15).
  • 22. Example: Spatial Cache Reservation • Reserve one page (4KB) • 64 cache lines in one page – Page_size/cache_line_size = 4K/64 = 64 • Need to reserve 64 cache sets – All the cache lines in the same set reserved together (16-way) • Reserve 64KB cache in total – 64 (set number) * 16 (associativity ways) * 64B (cache line size) = 64KB
  • 23. Example: Spatial Cache Reservation • Reserve 1/128 of the physical memory – 64 (reserved sets) / 8192 (total) = 1/128 • Reserve one physical page for every 128 pages • If RAM is 16GB, the total reserved memory is: – 16GB * 1/128 = 128MB • Ensure no cache eviction: – Can use 64KB (16 pages) at a time of the 128MB – Name these 16 pages as plaintext pages – Protected data can be larger than 64KB as we use demand paging
  • 24. Design: Secure In-Cache Execution Desynchronize memory (encrypted) and cache (plaintext) • Cache in write-back mode – Guaranteed by hardware and existing kernels (in most OS’es) • L3 cache is inclusive of L1 and L2 caches – Guaranteed by hardware and existing kernels • No conflict in the reserved cache – No more protected data at a time than the reserved cache size
  • 25. Design: Secure In-Cache Execution More data to protect? • Demand paging – Access unmapped data -> page fault – Allocate a plaintext page (for securing data) – If no page available, select one for replacement • Encrypt the plaintext page, copy it back • Decrypt faulting page into plaintext, update page table if necessary
  • 26. Design: Secure In-Cache Execution • Dedicate one plaintext page to store keys and sub-keys – Cannot be evicted or replaced • Frequent protected data encryption/decryption – Use CPU built-in support to speed up cryptographic algorithms
  • 27. Implementation: Spatial Cache Reservation • Reserve physical pages in the booting process – Modify allocators to skip reserved pages • Make sure no reserved pages exist in page table • Hook run-time page allocator and kernel’s whole-cache flushing function
  • 28. Implementation: Secure In-Cache Execution • pmap is used to unmap a page – Consist of architecture-specific data and functions to manage the process’ page table – Maintain a reverse mapping for physical pages – Track page usage information for page replacement • Remove shared protected pages from other processes
  • 29. Performance Evaluation • Use the hardware-accelerated AES (AES-NI) to encrypt and decrypt data • About 3μs on average to encrypt/decrypt 4KB data using 128- bit AES algorithm – 6μs to replace an existing page
  • 30. Performance Evaluation Overhead of common cryptographic algorithms Mode 1: Choose data to encrypt Mode 2: Encrypt all the data Test with 15 or 31 plaintext pages
  • 31. Performance Evaluation Overhead of RSA and DH handshakes Mode 1: Choose data to encrypt Mode 2: Encrypt all the data Test with 15 or 31 plaintext pages
  • 32. Performance Evaluation Performance of Bonnie while concurrently running the mbed TLS benchmark. The unit on the Y-axis is MB/sec or thousand_seeks/sec (for RandomSeeks only).
  • 35. Compared to Intel SGX • SGX is great! • EncExec – Works on old CPUs – No time-consuming context switch – Supports unmodified programs