SaTC: CORE: Medium: Collaborative: Hardening Off-the-Shelf Software Against Side Channel Attacks

SaTC：核心：媒介：协作：强化现成软件以抵御侧通道攻击

• 批准号: 1955270
• 负责人: Srini Devadas
• 金额: $ 30万
• 依托单位: Massachusetts Institute of Technology
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1955270&HistoricalAwards=false
• 关键词: SaTC; CORE; Medium; Collaborative; Hardening

Side channel attacks study leakage due to timing variation in software execution, resulting from contention for hardware resources. By analyzing these variations, an attacker can obtain additional information and use it to deduce the victim’s secrets. As proven by Spectre and Meltdown, these side channel attacks pose a severe threat to the security of nearly all computing devices. Given that side channel protection often requires hardware redesign, something must be done in the interim to secure existing software on currently deployed hardware. This project studies transformations on existing software in an attempt to harden it against side channel attacks. The project consists of three main tasks. In Task 1, the project will attempt to reverse engineer various hardware structures in the processor so as to determine where attacks might occur. Next, in Task 2, the project will use the data from Task 1 to design transformations that will protect leaky software against side channels. Finally, Task 3 will develop methods to confirm that the outputs of Task 2 are indeed side channel free. While typical analysis of side channel leakage requires manual effort, Task 3 aims to develop automated tools for leakage detection, avoiding the need for manual analysis.Hardware is the ultimate root of trust, the correctness of which is the foundation to the security of all software. However, unlike software, hardware security has received much less attention, from both academic and industry. Until new and secure hardware becomes available, the proposed project aims to protect existing software deployed on leaky hardware. While the project cannot hope to eliminate all leakage, it does aim to harden existing software, making leakage harder to exploit. Tools and methodologies developed by this project will be used to design safer hardware, as well as help mitigate leakage in existing software. The project will retain all data, simulators, and code produced in a central GIT repository which will be publicly available at github.com.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

侧信道攻击研究由于硬件资源争用而导致的软件执行时间变化造成的泄漏，攻击者可以通过分析这些变化来推断受害者的秘密，如 Spectre 和 Meltdown 所证明的那样。攻击对几乎所有计算设备的安全构成严重威胁。鉴于侧通道保护通常需要重新设计硬件，因此必须在此期间采取一些措施来保护当前部署的硬件上的现有软件。使其侧面变硬该项目由三个主要任务组成，在任务 1 中，该项目将尝试对处理器中的各种硬件结构进行逆向工程，以确定攻击可能发生的位置。任务 1 设计能够保护泄漏软件免受侧信道影响的转换。最后，任务 3 将开发方法来确认任务 2 的输出确实是无侧信道的。虽然对侧信道泄漏的典型分析需要手动操作，但任务 3 的目的是：开发用于泄漏检测的自动化工具，硬件是信任的最终根源，其正确性是所有软件安全的基础。然而，与软件不同，硬件安全在学术界和工业界受到的关注要少得多。当安全硬件可用时，拟议的项目旨在保护部署在泄漏硬件上的现有软件，虽然该项目不能希望消除所有泄漏，但它确实旨在强化现有软件，使泄漏更难以利用该项目开发的工具和方法。将用于设计更安全的硬件，因为以及帮助减少现有软件的泄漏。该项目将保留中央 GIT 存储库中生成的所有数据、模拟器和代码，这些数据将在 github.com 上公开。该奖项反映了 NSF 的法定使命，并被认为值得通过以下方式获得支持：使用基金会的智力价值和更广泛的影响审查标准进行评估。

项目成果

CaSA: End-to-end Quantitative Security Analysis of Randomly Mapped Caches

• DOI: 10.1109/micro50266.2020.00092
• 发表时间: 2020-10
• 期刊: 2020 53rd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO)
• 作者: Thomas Bourgeat;Jules Drean;Yuheng Yang;L. Tsai;J. Emer;Mengjia Yan

Don't Mesh Around: Side-Channel Attacks and Mitigations on Mesh Interconnects

• 发表时间: 2022
• 作者: Miles Dai;Riccardo Paccagnella;Miguel Gomez-Garcia;John D. McCalpin;Mengjia Yan