Worcester Polytechnic Institute

Side-Channel Attacks

MIST: Systematic Analysis of Microarchitectural Information Leakage on Mobile Platforms

Supported by NSF-CNS Award #1618837.
PIs: Thomas Eisenbarth, Berk Sunar

Smart phones have permeated all facets of our lives facilitating daily activities from shopping to social interactions. Mobile devices collect sensitive information about our behavior via various sensors. Operating systems (OS) enforce strict isolation between apps to protect data and complex permission management. Yet, apps get free access to hardware including CPU and caches. Access to shared hardware resources result in information leakage across apps. Microarchitectural attacks have already proven to succeed in stealing information on PC and even on virtualized cloud servers. This project (MIST) quantifies the vulnerability of mobile platforms to microarchitectural attacks and develops countermeasures.

MIST systematically explores which resources enable these attacks on the mobile platform, identifies mechanisms that are essential to an attack, and quantifies the amount of information obtainable from given resources. By making use of machine learning techniques, methods for detecting malicious code exploiting microarchitectural leakage are developed. To remedy microarchitectural attacks, MIST explores countermeasures that can manage resources in a way that they are no longer exploitable by side channels. In addition, tools that help app developers prevent leakage when writing code processing sensitive information are provided. The studied detection and prevention techniques apply to a wide range of interactions as experienced in mobile computing today. Thereby, MIST helps to secure personal information stored on mobile platforms with immediate benefits to virtually all mobile platform users. Many of the envisioned Internet of Things hubs build on the same platforms, further increasing the impact of this research.



RAIN: Analyzing Information Leakage in the Cloud

Supported by NSF-CNS Award #1318919.
PIs: Berk Sunar, Thomas Eisenbarth

Cloud computing is growing at exponential rates due to its great benefits to virtually all companies relying on IT systems. The biggest concern preventing further cloud adoption is data security and privacy. The main security principle in the design of cloud servers has been virtual isolation which ignores information leakage through subtle channels shared by the processes running on the same physical hardware.

The goal of this project is to explore side-channel leakage on virtualized machines that form the cloud. By utilizing a cloud testbed, this project explores interactions of the underlying hardware, virtualization platforms, and cryptographic software. A better understanding of side-channel leakages is aiding the design of effective countermeasures. To facilitate effective transition to practice the project is taking a pragmatic approach by focusing on commonly used cryptographic softwares which lie at the heart of virtually any security solution. To address identified weaknesses in existing crypto libraries, countermeasures in the form of patches will be released, ensuring the security of cloud servers.



A Unified Statistics-Based Framework for Side-Channel Attack Analysis and Security Evaluation of Cryptosystems

Supported by NSF-CNS Award #1314770.
Local PI: Thomas Eisenbarth.
This is a collaborative project with Yunsi Fei and Adam Ding from Northeastern University.

Side-channel attack (SCA) has shown to be a serious implementation attack to many cryptosystems. Practical countermeasures only mitigate the vulnerability to some extent. Considerable research efforts on leakage-resilient cryptography have so far not led to practical leakage-resilient implementations. One hindering reason is the lack of commonly accepted and sound metrics, standards, and evaluation procedures to measure and evaluate the vulnerability/resilience of cryptosystems to various side-channel attacks. Accurate modeling of side channels, however, is one of the open problems in applied crypto research. This project aims to close the gap between SCA theories and practices by formalizing a general framework for side-channel attack analysis and security evaluation of cryptosystems.

The proposed framework quantifies the effect of algorithmic and implementation characteristics on the success rate of the theoretically strongest maximum likelihood attack, revealing system-inherent SCA-related parameters for security improvement. The framework will extract maximum leakage from the observed measurement data in the black-box scenario, often the realistic situation for adversaries. State-of-the-art statistical methods are employed in the framework to precisely analyze and evaluate the overall side-channel leakage. This holistic framework will significantly alleviate the burden of security system architects, software developers, and hardware designers in their quest to build SCA security into systems they design, so as to ultimately yield provably secure hardware.



Practical Leakage Resilience: Provable Side-Channel Resistance for Embedded Systems

NSF-TC Award #1261399 (formerly #1054776)
PI: Thomas Eisenbarth

The project investigates solutions for basic cryptographic services that are secure in the presence of physical attacks and are comparable in performance and costs to state-of-the-art implementations of cryptography. This is achieved by enhancing the concepts of leakage resilience to make them applicable in the constrained regimes of embedded pervasive systems. A thorough practical evaluation of the applied methods and the well-defined leakage-resilience of the theoretical approaches will derive stronger, more reliable, and practical solutions. Besides increased security for the wide range of embedded products, the findings give valuable feedback to both theoretic cryptographers and practical security architects.