SaTC: CORE: Medium: Collaborative: Hardening Off-the-Shelf Software Against Side Channel Attacks

SaTC：核心：媒介：协作：强化现成软件以抵御侧通道攻击

• 批准号: 1955270
• 负责人: Srini Devadas
• 金额: $ 30万
• 依托单位: Massachusetts Institute of Technology
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1955270&HistoricalAwards=false
• 关键词: SaTC; CORE; Medium; Collaborative; Hardening

Side channel attacks study leakage due to timing variation in software execution, resulting from contention for hardware resources. By analyzing these variations, an attacker can obtain additional information and use it to deduce the victim’s secrets. As proven by Spectre and Meltdown, these side channel attacks pose a severe threat to the security of nearly all computing devices. Given that side channel protection often requires hardware redesign, something must be done in the interim to secure existing software on currently deployed hardware. This project studies transformations on existing software in an attempt to harden it against side channel attacks. The project consists of three main tasks. In Task 1, the project will attempt to reverse engineer various hardware structures in the processor so as to determine where attacks might occur. Next, in Task 2, the project will use the data from Task 1 to design transformations that will protect leaky software against side channels. Finally, Task 3 will develop methods to confirm that the outputs of Task 2 are indeed side channel free. While typical analysis of side channel leakage requires manual effort, Task 3 aims to develop automated tools for leakage detection, avoiding the need for manual analysis.Hardware is the ultimate root of trust, the correctness of which is the foundation to the security of all software. However, unlike software, hardware security has received much less attention, from both academic and industry. Until new and secure hardware becomes available, the proposed project aims to protect existing software deployed on leaky hardware. While the project cannot hope to eliminate all leakage, it does aim to harden existing software, making leakage harder to exploit. Tools and methodologies developed by this project will be used to design safer hardware, as well as help mitigate leakage in existing software. The project will retain all data, simulators, and code produced in a central GIT repository which will be publicly available at github.com.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

侧信道攻击研究由于软件执行时的时间变化而导致的泄漏，这是由于争夺硬件资源造成的。通过分析这些变化，攻击者可以获得额外的信息，并使用它来推断受害者的秘密。正如Spectre和Meltdown所证明的那样，这些侧信道攻击对几乎所有计算设备的安全构成了严重威胁。考虑到侧信道保护通常需要重新设计硬件，因此必须在此期间采取一些措施来保护当前部署的硬件上的现有软件。该项目研究现有软件的转换，试图加强其对侧信道攻击的抵抗力。该项目包括三个主要任务。在任务1中，该项目将尝试对处理器中的各种硬件结构进行逆向工程，以确定可能发生攻击的位置。接下来，在任务2中，项目将使用任务1中的数据来设计转换，以保护泄漏的软件免受侧通道的侵害。最后，任务3将开发方法来确认任务2的输出确实是无侧信道的。虽然侧通道泄漏的典型分析需要人工进行，但Task 3旨在开发泄漏检测的自动化工具，从而避免人工分析的需要。硬件是信任的根本，其正确性是所有软件安全的基础。然而，与软件不同，硬件安全受到学术界和工业界的关注要少得多。在新的安全硬件出现之前，拟议的项目旨在保护部署在有漏洞硬件上的现有软件。虽然该项目不能指望消除所有泄漏，但它确实旨在加强现有软件，使泄漏更难被利用。该项目开发的工具和方法将用于设计更安全的硬件，并有助于减少现有软件的泄漏。该项目将保留所有数据、模拟器和代码，这些数据、模拟器和代码将保存在GIT中央存储库中，该存储库将在github.com上公开提供。该奖项反映了NSF的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

CaSA: End-to-end Quantitative Security Analysis of Randomly Mapped Caches

• DOI: 10.1109/micro50266.2020.00092
• 发表时间: 2020-10
• 期刊: 2020 53rd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO)
• 作者: Thomas Bourgeat;Jules Drean;Yuheng Yang;L. Tsai;J. Emer;Mengjia Yan

Don't Mesh Around: Side-Channel Attacks and Mitigations on Mesh Interconnects

• 发表时间: 2022
• 作者: Miles Dai;Riccardo Paccagnella;Miguel Gomez-Garcia;John D. McCalpin;Mengjia Yan