Browsing by Author "Mahmod, Jubayer"

Now showing 1 - 4 of 4
  • Thumbnail Image
    The Art of SRAM Security: Tactics for Remanence-based Attack and Strategies for Defense
    Mahmod, Jubayer (Virginia Tech, 2024-05-02)
    The importance of securing hardware, particularly in the context of the Internet of Things (IoT), cannot be overstated in light of the increasing prevalence of low-level attacks. As the IoT industry continues to expand, security has become a more holistic concern, as evidenced by the wide range of attacks that we observed, from large-scale distributed denial-of-service attacks to data theft through monitoring a device's low-level behavior, such as power consumption. Traditional software-based security measures fall short in defending against the full spectrum of attacks, particularly those involving physical tampering with system hardware. This underscores the critical importance of proactively integrating attack vectors that encompass both hardware and software domains, with a particular emphasis on considering both the analog and digital characteristics of hardware. This thesis investigates system security from a hardware perspective, specifically examining how low-level circuit behavior and architectural design choices impact SRAM's data remanence and its implications for security. This dissertation not only identifies new vulnerabilities due to SRAM data remanence but also paves the way for novel security solutions in the ongoing "security arms race". I present an attack, volt boot, that executes cold-boot style short-term data remanence in on-chip SRAM without using temperature effect. This attack exploits the fact that SRAM's power bus is externally accessible and allows data retention using a simple voltage probe. Next, I present a steganography method that hides information in the SRAM exploiting long-term data remanence. This approach leverages aging-induced degradation to imprint data in SRAM's analog domain, ultimately resulting in hidden and plausibly deniable information storage in the hardware. Finally, I show how an adversary weaponizes SRAM data remanence to develop an attack on a hardware-backed security isolation mechanism. The following provides a brief overview of the three major contributions of this thesis: 1. Volt boot is an attack that demonstrates the vulnerability of on-chip SRAM due to the physical separation common in modern SoCs' power distribution networks. By probing external power pins (to the cache) of an SoC while simultaneously shutting down the main system power, Volt boot creates data retention across power cycles. On-chip SRAM can be a safe memory when the threat model considers traditional off-chip cold-boot-style attacks. This research demonstrates an alternative method for preserving information in on-chip SRAM through power cycles, expanding our understanding of data retention capabilities. Volt boot leverages asymmetrical power states (e.g., on vs. off) to force SRAM state retention across power cycles, eliminating the need for traditional cold boot attack enablers, such as low-temperature or intrinsic data retention time. 2. Invisible Bits is a hardware steganography technique that hides secret messages in the analog domain of SRAM embedded within a computing device. Exploiting accelerated transistor aging, Invisible Bits stores hidden data along with system data in an on-chip cache and provides a plausible deniability guarantee from statistical analysis. Aging changes the transistor's behavior which I exploit to store data permanently (ie long-term data remanence) in an SRAM. Invisible Bits presents unique opportunities for safeguarding electronic devices when subjected to inspections by authorities. 3. UntrustZone utilizes long-term data remanence to exfiltrate secrets from on-chip SRAM. An attacker application must be able to read retained states in the SRAM upon power cycles, but this needs changing the security privilege. Hardware security schemes, such as ARM TrustZone, erase a memory block before changing its security attributes and releasing it to other applications, making short-term data remanence attacks ineffective. That is, attacks such as Volt boot fail when hardware-backed isolation such as TEE is enforced. UntrustZone unveils a new threat to all forms of on-chip SRAM even when backed by hardware isolation: long-term data remanence. I show how an attacker systematically accelerates data imprinting on SRAM's analog domain to effectively burn in on-chip secrets and bypass TrustZone isolation.
  • Thumbnail Image
    Invisible Bits: Hiding Secret Messages in SRAM's Analog Domain
    Mahmod, Jubayer; Hicks, Matthew (ACM, 2022-02-28)
    Electronic devices are increasingly the subject of inspection by authorities. While encryption hides secret messages, it does not hide the transmission of those secret messages - in fact, it calls attention to them. Thus, an adversary, seeing encrypted data, turns to coercion to extract the credentials required to reveal the secret message. Steganographic techniques hide secret messages in plain sight, providing the user with plausible deniability, removing the threat of coercion. This paper unveils Invisible Bits a new steganographic technique that hides secret messages in the analog domain of Static Random Access Memory (SRAM) embedded within a computing device. Unlike other memory technologies, the power-on state of SRAM reveals the analog-domain properties of its individual cells. We show how to quickly and systematically change the analog-domain properties of SRAM cells to encode data in the analog domain and how to reveal those changes by capturing SRAM’s power-on state. Experiments with commercial devices show that Invisible Bits provides over 90% capacity - two orders-of-magnitude more than previous on-chip steganographic approaches, while retaining device functionality - even when the device undergoes subsequent normal operation or is shelved for months. Experiments also show that adversaries cannot differentiate between devices with encoded messages and those without. Lastly, we show how to layer encryption and error correction on top of our message encoding scheme in an end-to-end demonstration.
  • Thumbnail Image
    SRAM Has No Chill: Exploiting Power Domain Separation to Steal On-Chip Secrets
    Mahmod, Jubayer; Hicks, Matthew (ACM, 2022-02-28)
    The abundance of embedded systems and smart devices increases the risk of physical memory disclosure attacks. One such classic noninvasive attack exploits dynamic RAM’s temperature-dependent ability to retain information across power cyclesÐknown as a cold boot attack. When exposed to low temperatures, DRAM cells preserve their state for a short time without power, mimicking nonvolatile memories in that time frame. Attackers exploit this physical phenomenon to gain access to a system’s secrets, leading to data theft from encrypted storage. To prevent cold boot attacks, programmers hide secrets on-chip in Static Random-Access Memory (SRAM); by construction, on-chip SRAM is isolated from external probing and has little intrinsic capacitance, making it robust against cold boot attacks. While it is the case that SRAM protects against traditional cold boot attacks, we show that there is another way to retain information in on-chip SRAM across power cycles and software changes. This paper presents Volt Boot, an attack that demonstrates a vulnerability of on-chip volatile memories due to the physical separation common to modern system-on-chip power distribution networks. Volt Boot leverages asymmetrical power states (e.g., on vs. off) to force SRAM state retention across power cycles, eliminating the need for traditional cold boot attack enablers, such as low-temperature or intrinsic data retention time. Using several modern ARM Cortex-A devices, we demonstrate the effectiveness of the attack in caches, registers, and iRAMs. Unlike other forms of SRAM data retention attacks, Volt Boot retrieves data with 100% accuracyÐwithout any complex post-processing.
  • Thumbnail Image
    SRAM Imprinting for System Protection and Differentiation
    Mahmod, Jubayer; Hicks, Matthew (ACM, 2024-07-01)
    The foundation of trusted computation depends on the ability to verify the authenticity of the underlying hardware. This need is further compounded by the presence of counterfeit components in the market, highlighting the necessity for pre-deployment and run-time chip identification techniques. Current solutions involve burning authentication information in physical fuses or creating a unique mask for each integrated circuit, which are either costly or susceptible to forgery. While many solutions have been proposed to prevent chip counterfeiting at design time, no accurate, reference-free, and cost-effective solutions exist for chip buyers to authenticate their purchases in the pre-deployment phase and enable software-level verification at runtime. The lack of industrystandard authentication methods forces chip buyers to either adopt expensive solutions, such as X-Ray imaging, or simply rely on blind faith. This paper presents SKU-RAM, a technique for chip identification that allows manufacturers to embed their signature into integrated circuits, provides per-device identification, and facilitates hardwareenforced time-limited licensing functionality. Our approach takes advantage of the aging-induced power-on state changes in SRAM to encode authentication data into an already fabricated device, without modifying the mask of the chips. This hardware-overheadfree augmentation to the chips eliminates numerous instances of chip counterfeiting and enables software-level authentication. We demonstrate the effectiveness of SKU-RAM as a comprehensive and scalable anti-counterfeiting solution for existing and future computing devices using commercial off-the-shelf microcontrollers and microprocessors and multi-year real-time experiments.