Hardware Security and Memory Integrity Verification

lecture security n.w
1 / 8
Embed
Share

Explore topics like Spectre and Meltdown attacks, information leakage, and integrity verification in hardware security. Learn about defenses against physical access, compromised OS, and untrusted applications. Discover Meltdown attacker code, Spectre variants, and defenses strategies. Dive into memory integrity verification using techniques like Bonsai Merkle Tree.

  • Security
  • Hardware
  • Spectre
  • Meltdown
  • Integrity
rayaanacharya
aval946 Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Lecture: Security Topics: Spectre and Meltdown attacks, information leakage, integrity verification 1

  2. Hardware Security Several types of attacks: physical access to hardware, compromised OS, untrusted co-scheduled applications Defenses include: hardware permission checks, encryption, microarchitecture partitions, signature checks, trusted execution environments like Intel SGX Information leakage still unresolved exploited by Meltdown, Spectre, and many subsequent attacks 2

  3. Meltdown Attacker code Fill the cache with your own data X lw R1 [illegal address] lw [R1] Scan through X and record time per access 3

  4. Spectre: Variant 1 x is controlled by attacker Thanks to bpred, x can be anything array1[ ] is the secret if (x < array1_size) y = array2[ array1[x] ]; Victim Code Access pattern of array2[ ] betrays the secret 4

  5. Spectre: Variant 2 Victim code R1 (from attacker) R2 some secret Label0: if ( ) Attacker code Label0: if (1) Label1: Victim code Label1: lw [R2] 5

  6. Defenses Disable speculation when violations happen (fixes Meltdown) Partition resources has a performance impact Several resources involved: bpred, caches, memory controller Constant behavior algorithms 6

  7. Memory Integrity Verification Implemented on commercial processors, e.g., Intel SGX Confirms that data has not been tampered by malicious agents attacker with physical access, rogue OS Every block has a MAC and a version number To prevent a replay attack (attacker sends an old version of data/MAC/counter), a tree of hashes is navigated 7

  8. Bonsai Merkle Tree Hash Hash Hash Counters Data Block MAC 8

Related


No related presentations.

More Related Content