Browsing by Author "Xiong, Wenjie"
Now showing 1 - 20 of 20
Results Per Page
Sort Options
- The application of DRAM PUF as a physical tokenAyaluru Venkata Krishnan, Sruthi (Virginia Tech, 2024-05-31)The exploration of leveraging physical attributes of hardware for cryptographic purposes has become a topic of research. Among these avenues, the utilization of Physical Unclonable Functions (PUFs) is one feature that is widely studied. PUFs provide the ability to generate encryption keys for device authentication by exploiting inherent variations in physical structures. In this research work, the focus lies on probing the characteristics of a DRAM-based PUF structure on the Intel Galileo Platform to discern its degradation traits and assess its suitability as a cryptographic primitive. As the adoption of PUFs in diverse applications surges, it becomes imperative to scrutinize their susceptibility to various forms of side-channel attacks. The research work is divided into two parts. First, experimental investigations have been undertaken to ascertain the vulnerability of the DRAM PUF which is the magnetic fault injection to understand its resilience against such threats. Secondly, the analysis of PUF measurements has been conducted to elucidate its potential as a dependable source for physical cryptography, particularly in the context of the oblivious transfer protocol which is based on the fuzzy transfer protocol. The results contributes to a deeper understanding of its application as a physical token as well as the security implications associated with deploying PUFs in cryptographic applications and pave the way for the development of robust countermeasures to mitigate emerging risks.
- The Art of SRAM Security: Tactics for Remanence-based Attack and Strategies for DefenseMahmod, Jubayer (Virginia Tech, 2024-05-02)The importance of securing hardware, particularly in the context of the Internet of Things (IoT), cannot be overstated in light of the increasing prevalence of low-level attacks. As the IoT industry continues to expand, security has become a more holistic concern, as evidenced by the wide range of attacks that we observed, from large-scale distributed denial-of-service attacks to data theft through monitoring a device's low-level behavior, such as power consumption. Traditional software-based security measures fall short in defending against the full spectrum of attacks, particularly those involving physical tampering with system hardware. This underscores the critical importance of proactively integrating attack vectors that encompass both hardware and software domains, with a particular emphasis on considering both the analog and digital characteristics of hardware. This thesis investigates system security from a hardware perspective, specifically examining how low-level circuit behavior and architectural design choices impact SRAM's data remanence and its implications for security. This dissertation not only identifies new vulnerabilities due to SRAM data remanence but also paves the way for novel security solutions in the ongoing "security arms race". I present an attack, volt boot, that executes cold-boot style short-term data remanence in on-chip SRAM without using temperature effect. This attack exploits the fact that SRAM's power bus is externally accessible and allows data retention using a simple voltage probe. Next, I present a steganography method that hides information in the SRAM exploiting long-term data remanence. This approach leverages aging-induced degradation to imprint data in SRAM's analog domain, ultimately resulting in hidden and plausibly deniable information storage in the hardware. Finally, I show how an adversary weaponizes SRAM data remanence to develop an attack on a hardware-backed security isolation mechanism. The following provides a brief overview of the three major contributions of this thesis: 1. Volt boot is an attack that demonstrates the vulnerability of on-chip SRAM due to the physical separation common in modern SoCs' power distribution networks. By probing external power pins (to the cache) of an SoC while simultaneously shutting down the main system power, Volt boot creates data retention across power cycles. On-chip SRAM can be a safe memory when the threat model considers traditional off-chip cold-boot-style attacks. This research demonstrates an alternative method for preserving information in on-chip SRAM through power cycles, expanding our understanding of data retention capabilities. Volt boot leverages asymmetrical power states (e.g., on vs. off) to force SRAM state retention across power cycles, eliminating the need for traditional cold boot attack enablers, such as low-temperature or intrinsic data retention time. 2. Invisible Bits is a hardware steganography technique that hides secret messages in the analog domain of SRAM embedded within a computing device. Exploiting accelerated transistor aging, Invisible Bits stores hidden data along with system data in an on-chip cache and provides a plausible deniability guarantee from statistical analysis. Aging changes the transistor's behavior which I exploit to store data permanently (ie long-term data remanence) in an SRAM. Invisible Bits presents unique opportunities for safeguarding electronic devices when subjected to inspections by authorities. 3. UntrustZone utilizes long-term data remanence to exfiltrate secrets from on-chip SRAM. An attacker application must be able to read retained states in the SRAM upon power cycles, but this needs changing the security privilege. Hardware security schemes, such as ARM TrustZone, erase a memory block before changing its security attributes and releasing it to other applications, making short-term data remanence attacks ineffective. That is, attacks such as Volt boot fail when hardware-backed isolation such as TEE is enforced. UntrustZone unveils a new threat to all forms of on-chip SRAM even when backed by hardware isolation: long-term data remanence. I show how an attacker systematically accelerates data imprinting on SRAM's analog domain to effectively burn in on-chip secrets and bypass TrustZone isolation.
- Automatic Source Code Transformation To Pass Compiler OptimizationKahla, Moustafa Mohamed (Virginia Tech, 2024-01-03)Loop vectorization is a powerful optimization technique that can significantly boost the runtime of loops. This optimization depends on functional equivalence between the original and optimized code versions, a requirement typically established through the compiler's static analysis. When this condition is not met, the compiler will miss the optimization. The process of manually rewriting the source code to pass an already missed compiler optimization is time-consuming, given the multitude of potential code variations, and demands a high level of expertise, making it impractical in many scenarios. In this work, we propose a novel framework that aims to take the code blocks that the compiler failed to optimize and transform them to another code block that passes the compiler optimization. We develop an algorithm to efficiently search for a code structure that automatically passes the compiler optimization (weakly verified through a correctness test). We focus on loop-vectorize optimization inside OpenMP directives, where the introduction of parallelism adds complexity to the compiler's vectorization task and is shown to hinder optimizations. Furthermore, we introduce a modified version of TSVC, a loop vectorization benchmark in which all original loops are executed within OpenMP directives. Our evaluation shows that our framework enables " loop-vectorize" optimizations that the compiler failed to pass, resulting in a speedup up to 340× in the blocks optimized. Furthermore, applying our tool to HPC benchmark applications, where those applications are already built with optimization and performance in mind, demonstrates that our technique successfully enables extended compiler optimization, thereby accelerating the execution time of the optimized blocks in 15 loops and the entire execution time of the three applications by up to 1.58 times.
- Characterizing Retention behavior of DDR4 SoDIMMPalani, Purushothaman (Virginia Tech, 2024-06-05)
- Dataset for Machine Learning Based Cache Timing Attacks and MitigationKalidasan, Vishnu Kumar (Virginia Tech, 2024-06-05)Cache side-channel attacks have evolved alongside increasingly complex microprocessor architectural designs. The attacks and their prevention mechanisms, such as cache partitioning, OS kernel isolation, and various hardware/operating system enhancements, have similarly progressed. Nonetheless, side-channel attacks necessitate effective and efficient prevention mechanisms or alterations to hardware architecture. Recently, machine learning (ML) is an emerging method for detecting and defending such attacks. However, The effectiveness of machine learning relies on the dataset it is trained on. The datasets for training these ML models today are not vast enough to enhance the robustness and consistency of the model performance. This thesis aims to enhance the ML method for exploring various cache side-channel attacks and defenses by offering a more reasonable and potentially realistic dataset to distinguish between the attacker and the victim process. The dataset is gathered through a computer system simulation model, which is subsequently utilized to train both the attacker and detector agents of the model. Different ways to collect datasets using the system simulation are explored. A New Dataset for training and detecting cache side-channel attacks is also explored and methodized. Lastly, the effectiveness of the dataset is studied by training a Flush+Reload attacker and detector model performance.
- Enforcing C/C++ Type and Scope at Runtime for Control-Flow and Data-Flow IntegrityIsmail, Mohannad; Jelesnianski, Christopher; Jang, Yeongjin; Min, Changwoo; Xiong, Wenjie (ACM, 2024-04-27)Control-flow hijacking and data-oriented attacks are becoming more sophisticated. These attacks, especially dataoriented attacks, can result in critical security threats, such as leaking an SSL key. Data-oriented attacks are hard to defend against with acceptable performance due to the sheer amount of data pointers present. The root cause of such attacks is using pointers in unintended ways; fundamentally, these attacks rely on abusing pointers to violate the original scope they were used in or the original types that they were declared as. This paper proposes Scope Type Integrity (STI), a new defense policy that enforces all pointers (both code and data pointers) to conform to the original programmer’s intent, as well as Runtime Scope Type Integrity (RSTI) mechanisms to enforce STI at runtime leveraging ARM Pointer Authentication. STI gathers information about the scope, type, and permissions of pointers. This information is then leveraged by RSTI to ensure pointers are legitimately utilized at runtime. We implemented three defense mechanisms of RSTI, with varying levels of security and performance tradeoffs to showcase the versatility of RSTI. We employ these three variants on a variety of benchmarks and real-world applications for a full security and performance evaluation of these mechanisms. Our results show that they have overheads of 5.29%, 2.97%, and 11.12%, respectively.
- Fault Injection Attacks on RSA and CSIDHChiu, TingHung (Virginia Tech, 2024-05-16)Fault injection attacks are a powerful technique that intentionally induces faults during computations to leak secret information. This thesis studies the fault injection attack techniques. The thesis first categorizes various fault attack methods by fault model and fault analysis and gives examples of the various fault attacks on symmetric key cryptosystems and public key cryptosystems. The thesis then demonstrates fault injection attacks on RSA-CRT and constant time CSIDH. The fault attack consists of two main components: fault modeling, which examines methods for injecting faults in a target device, and fault analysis, which analyzes the resulting faulty outputs to deduce secrets in each cryptosystem. The thesis aims to provide a comprehensive survey on fault attack research, directions for further study on securing real-world cryptosystems against fault injection attacks, testing fault injection attacks with RSA-CRT, and demonstrate and evaluate fault injection attacks on constant time CSIDH.
- GPU-based Private Information Retrieval for On-Device Machine Learning InferenceLam, Maximilian; Johnson, Jeff; Xiong, Wenjie; Maeng, Kiwan; Gupta, Udit; Li, Yang; Lai, Liangzhen; Leontiadis, Ilias; Rhu, Minsoo; Lee, Hsien-Hsin S.; Reddi, Vijay Janapa; Wei, Gu-Yeon; Brooks, David; Suh, Edward (ACM, 2024-04-27)On-device machine learning (ML) inference can enable the use of private user data on user devices without revealing them to remote servers. However, a pure on-device solution to private ML inference is impractical for many applications that rely on embedding tables that are too large to be stored on-device. In particular, recommendation models typically use multiple embedding tables each on the order of 1-10 GBs of data, making them impractical to store on-device. To overcome this barrier, we propose the use of private information retrieval (PIR) to efficiently and privately retrieve embeddings from servers without sharing any private information. As off-the-shelf PIR algorithms are usually too computationally intensive to directly use for latency-sensitive inference tasks, we 1) propose novel GPU-based acceleration of PIR, and 2) co-design PIR with the downstream ML application to obtain further speedup. Our GPU acceleration strategy improves system throughput by more than 20× over an optimized CPU PIR implementation, and our PIR-ML co-design provides an over 5× additional throughput improvement at fixed model quality. Together, for various on-device ML applications such as recommendation and language modeling, our system on a single V100 GPU can serve up to 100, 000 queries per second—a > 100× throughput improvement over a CPU-based baseline—while maintaining model accuracy.
- Oblivious RAM in Scalable SGXMarathe, Akhilesh Parag (Virginia Tech, 2024-06-05)The prevalence of cloud storage has yielded significant benefits to consumers. Trusted Exe- cution Environments (TEEs) have been introduced to protect program execution and data in the cloud. However, an attacker targeting the cloud storage server through side-channel attacks can still learn some data in TEEs. This data retrieval is possible through the monitor- ing and analysis of the encrypted ciphertext as well as a program's memory access patterns. As the attacks grow in complexity and accuracy, innovative protection methods must be de- signed to secure data. This thesis proposes and implements an ORAM controller primitive in TEE and protects it from all potential side-channel attacks. This thesis presents two vari- ations, each with two different encryption methods designed to mitigate attacks targeting both memory access patterns and ciphertext analysis. The latency for enabling this protec- tion is calculated and proven to be 75.86% faster overall than the previous implementation on which this thesis is based.
- Portable Micro-Gas Chromatography with Multidimensional Compound Identification AnalysisSharma, Arjun (Virginia Tech, 2023-03-16)Gas Chromatography (GC) is an analytical technique in the chemistry field widely used to separate compounds present in a sample mixture. Conventional GC systems are an extremely versatile and powerful tool to perform complex separations. However, these systems come with the cost of being bulky and requiring a high amount of power for operation. With considerable research for over 40 years, the advent of Micro-Gas Chromatography (µGC) made it possible for miniaturized, compact, low-power, and field portable GC systems. This thesis presents a portable µGC system that enables real-time analysis of complex compound separations, made possible with the use of multiple separation columns and a novel multidimensional compound identification algorithm. The system architecture and the software design with multiple features enabling portability of the µGC system are discussed. A set of microfabricated separation columns (µSCs) and photoionization detectors (PIDs) are integrated to realize a fully functional µGC system that is tested with different types of complex compound mixtures. An in-depth analysis of processing the output chromatograms obtained from the setup for signal filtering and peak detection is described in this thesis. A multidimensional analysis for compound identification in complex mixtures is presented.
- Practical Exploit Mitigation Design Against Code Re-Use and System Call Abuse AttacksJelesnianski, Christopher Stanislaw (Virginia Tech, 2023-01-09)Over the years, many defense techniques have been proposed by the security community. Even so, few have been adopted by the general public and deployed in production. This limited defense deployment and weak security has serious consequences, as large scale cyber-attacks are now a common occurrence in society. One major obstacle that stands in the way is practicality, the quality of being designed for actual use or having usefulness or convenience. For example, an exploit mitigation design may be considered not practical to deploy if it imposes high performance overhead, despite offering excellent and robust security guarantees. This is because achieving hallmarks of practical design, such as minimizing adverse side-effects like performance degradation or memory monopolization, is difficult in practice, especially when trying to provide a high level of security for users. Secure and practical exploit mitigation design must successfully navigate several challenges. To illustrate, modern-day attacks, especially code re-use attacks, understand that rudimentary defenses such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) will be deployed moving forward. These attacks have therefore evolved and diversified their angles of attack to become capable of leveraging a multitude of different code components. Accordingly, the security community has uncovered these threats and maintained progress in providing possible resolutions with new exploit mitigation designs. More specifically though, defenses have had to correspondingly extend their capabilities to protect more aspects of code, leading to defense techniques becoming increasingly complex. Trouble then arises as supporting such fine-grained defenses brings inherent disadvantages such as significant hardware resource utilization that could be otherwise used for useful work. This complexity has made performance, security, and scalability all competing ideals in practical system design. At the same time, other recent efforts have implemented mechanisms with negligible performance impact, but do so at the risk of weaker security guarantees. This dissertation first formalizes the challenges in modern exploit mitigation design. To illustrate these challenges, this dissertation presents a survey from the perspective of both attacker and defender to provide an overview of this current security landscape. This includes defining an informal taxonomy of exploit mitigation strategies, explaining prominent attack vectors that are faced by security experts today, and identifying and defining code components that are generally abused by code re-use. This dissertation then presents two practical design solutions. Both defense system designs uphold goals of achieving realistic performance, providing strong security guarantees, being robust for modern application code-bases, and being able to scale across the system at large. The first practical exploit mitigation design this dissertation presents is MARDU. MARDU is a novel re-randomization approach that utilizes on-demand randomization and the concept of code trampolines to support sharing of code transparently system-wide. To the best of my knowledge, MARDU is the first presented re-randomization technique capable of runtime code sharing for re-randomized code system-wide. Moreover, MARDU is one of the very few re-randomization mechanisms capable of performing seamless live thread migration to newly randomized code without pausing application execution. This dissertation describes the full design, implementation, and evaluation of MARDU to demonstrate its merits and show that careful design can uphold all practical design goals. For instance, scalability is a major challenge for randomization strategies, especially because traditional OS design expects code to be placed in known locations so that it can be reached by multiple processes, while randomization is purposefully trying to achieve the opposite, being completely unpredictable. This clash in expectations between system and defense design breaks a few very important assumptions for an application's runtime environment. This forces most randomization mechanisms to abandon the hope of upholding memory deduplication. MARDU resolves this challenge by applying trampolines to securely reach functions protected under secure memory. Even with this new calling convention in place, MARDU shows re-randomization degradation can be significantly reduced without sacrificing randomization entropy. Moreover, MARDU shows it is capable of defeating prominent code re-use variants with this practical design. This dissertation then presents its second practical exploit mitigation solution, BASTION. BASTION is a fine-grained system call filtering mechanism aimed at significantly strengthening the security surrounding system calls. Like MARDU, BASTION upholds the principles of this dissertation and was implemented with practicality in mind. BASTION's design is based on empirical observation of what a legitimate system call invocation consists of. BASTION introduces System Call Integrity to enforce the correct and intended use of system calls within a program. In order to enforce this novel security policy, BASTION proposes three new specialized contexts for the effective enforcement of legitimate system call usage. Namely, these contexts enforce that: system calls are only invoked with the correct calling convention, system calls are reached through legitimate control-flow paths, and all system call arguments are free from attacker corruption. By enforcing System Call Integrity with the previously mentioned contexts, this dissertation adds further evidence that context-sensitive defense strategies are superior to context-insensitive ones. BASTION is able to prevent over 32 real-world and synthesized exploits in its security evaluation and incurs negligible performance overhead (0.60%-2.01%). BASTION demonstrates that narrow and specialized exploit mitigation designs can be effective in more than one front, to the point that BASTION not only revents code re-use, but is capable of defending against any attack class that requires the utilization of system calls.
- Practical Mitigations Against Memory Corruption and Transient Execution AttacksIsmail, Mohannad Adel Abdelmoniem Ahmed (Virginia Tech, 2024-05-31)Memory corruption attacks have existed in C and C++ for more than 30 years, and over the years many defenses have been proposed. In addition to that, a new class of attacks, Spectre, has emerged that abuse speculative execution to leak secrets and sensitive data through micro-architectural side channels. Many defenses have been proposed to mitigate Spectre as well. However, with every new defense a new attack emerges, and then a new defense is proposed. This is an ongoing cycle between attackers and defenders. There exists many defenses for many different attack avenues. However, many suffer from either practicality or effectiveness issues, and security researchers need to balance out their compromises. Recently, many hardware vendors, such as Intel and ARM, have realized the extent of the issue of memory corruption attacks and have developed hardware security mechanisms that can be utilized to defend against these attacks. ARM, in particular, has released a mechanism called Pointer Authentication in which its main intended use is to protect the integrity of pointers by generating a Pointer Authentication Code (PAC) using a cryptographic hash function, as a Message Authentication Code (MAC), and placing it on the top unused bits of a 64-bit pointer. Placing the PAC on the top unused bits of the pointer changes its semantics and the pointer cannot be used unless it is properly authenticated. Hardware security features such as PAC are merely mechanisms not full fledged defences, and their effectiveness and practicality depends on how they are being utililzed. Naive use of these defenses doesn't alleviate the issues that exist in many state-of-the-art software defenses. The design of the defense that utilizes these hardware security features needs to have practicality and effectiveness in mind. Having both practicality and effectiveness is now a possible reality with these new hardware security features. This dissertation describes utilizing hardware security features, namely ARM PAC, to build effective and practical defense mechanisms. This dissertation first describes my past work called PACTight, a PAC based defense mechanism that defends against control-flow hijack- ing attacks. PACTight defines three security properties of a pointer such that, if achieved, prevent pointers from being tampered with. They are: 1) unforgeability: A pointer p should always point to its legitimate object; 2) non-copyability: A pointer p can only be used when it is at its specific legitimate location; 3) non-dangling: A pointer p cannot be used after it has been freed. PACTight tightly seals pointers and guarantees that a sealed pointer cannot be forged, copied, or dangling. PACTight protects all sensitive pointers, which are code pointers and pointers that point to code pointers. This completely prevents control-flow hijacking attacks, all while having low performance overhead. In addition to that, this dissertation proposes Scope-Type Integrity (STI), a new defense policy that enforces pointers to conform to the programmer's intended manner, by utilizing scope, type, and permission information. STI collects information offline about the type, scope, and permission (read/write) of every pointer in the program. This information can then be used at runtime to ensure that pointers comply with their intended purpose. This allows STI to defeat advanced pointer attacks since these attacks typically violate either the scope, type, or permission. We present Runtime Scope-Type Integrity (RSTI). RSTI leverages ARM Pointer Authentication (PA) to generate Pointer Authentication Codes (PACs), based on the information from STI, and place these PACs at the top bits of the pointer. At runtime, the PACs are then checked to ensure pointer usage complies with STI. RSTI overcomes two drawbacks that were present in PACTight: 1) PACTight relied on a large external metadata for protection, whereas RSTI uses very little metadata. 2) PACTight only protected a subset of pointers, whereas RSTI protects all pointers in a program. RSTI has large coverage with relatively low overhead. Also, this dissertation proposes sPACtre, a new and novel defense mechanism that aims to prevent Spectre control-flow attacks on existing hardware. sPACtre is an ARM-based defense mechanism that prevents Spectre control-flow attacks by relying on ARM's Pointer Authentication hardware security feature, annotations added to the program on the secrets that need to be protected from leakage and a dynamic tag-based bounds checking mechanism for arrays. We show that sPACtre can defend against these attacks. We evaluate sPACtre on a variety of cryptographic libraries with several cryptographic algorithms, as well as a synthetic benchmark, and show that it is efficient and has low performance overhead Finally, this dissertation explains a new direction for utilizing hardware security features to protect energy harvesting devices from checkpoint-recovery errors and malicious attackers.
- Practical Privacy-Preserving Federated Learning with Secure Multi-Party ComputationAkhtar, Benjamin Asad (Virginia Tech, 2024-08-12)
- RISCV Whisk: Unleashing the Power of Software Fuzzing on HardwareSingh, Nandita (Virginia Tech, 2023-06-30)In the hardware industry, the fabrication of a chip with hardware bugs represents a critical concern due to the permanent and irreversible nature of the process. The detection of bugs in intricate designs, such as those found in central processing units (CPUs), is a highly challenging and labor-intensive task, which leaves little margin for error. Modern CPU verification techniques often employ a blend of simulation, formal and emulation verification to guarantee the accuracy of the design. Although these methods are successful in identifying various types of design flaws, they still have some limitations. The biggest limitations is achieving comprehensive coverage of all conceivable scenarios and exceptional cases which may interrupt a core and put it in a halt state. We are presenting a design agnostic methodology involving a three-stage process for verification of a multi-core 32-bits RISC-V processor. This methodology leverages software fuzzing and utilizing state-of-the-art tools to analyze CPU's design after converting it into an equivalent software model. Our approach for hardware fuzzing incorporates the use of a sparse memory matrix as external memory to hold the inputs and state of the core, which are encountered during the fuzzing process. This approach has significantly increased the efficiency of our fuzzing process, enabling us to achieve a 609x improvement in the fuzzing rate compared to prevalent hardware fuzzing techniques. To further optimize our process, we precisely constrained the inputs of the fuzzer to provide only valid test scenarios, which eliminated the crash overhead of the fuzzer. By doing so, we have improved the accuracy of our testing results and reduced the time and resources required to analyze potential vulnerabilities. Our verification techniques are implemented using open-source tools, making our fast and cost-effective process accessible to a wide range of hardware engineers and security professionals. By leveraging the benefits of sparse memory and precise input constraints, our approach to hardware fuzzing offers a powerful and efficient tool for identifying potential hardware vulnerabilities and defects.
- Secure Data-Binding in FPGA-based Hardware Architectures utilizing PUFsFrank, Florian; Schmid, Martin; Klement, Felix; Palani, Purushothaman; Weber, Andreas; Kavun, Elif Bilge; Xiong, Wenjie; Arul, Tolga; Katzenbeisser, Stefan (ACM, 2024-07-01)In this work, a novel FPGA-based data-binding architecture incorporating PUFs and a user-specific encryption key to protect the confidentiality of data on external non-volatile memories is presented. By utilizing an intrinsic PUF derived from the same memory, the confidential data is additionally bound to the device. This feature proves valuable in cases where software is restricted to be executed exclusively on specific hardware or privacy-critical data is not allowed to be decrypted elsewhere. To improve the resistance against hardware attacks, a novel method to randomly select memory cells utilized for PUF measurements is presented. The FPGA-based design presented in this work allows for low latency as well as small area utilization, offers high adaptability to diverse hardware and software platforms, and is accessible from bare-metal programs to full Linux kernels. Moreover, a detailed performance and security evaluation is conducted on five boards. A single read or write operation can be executed in 0.58 𝜇𝑠 when utilizing the lightweight PRINCE cipher on an AMD Zync 7000 MPSoC. Furthermore, the entire architecture occupies only about 10% of the FPGA’s available space on a resource-constrained AMD PYNQ-Z2. Ultimately, the implementation is demonstrated by storing confidential user data on new generations of network base stations equipped with FPGAs
- Side-Channel Attacks in RISC-V BOOM Front-endChavda, Rutvik Jayantbhai (Virginia Tech, 2023-06-29)The prevalence of side-channel attacks exploiting hardware vulnerabilities leads to the exfil- tration of secretive data such as secret keys, which poses a significant threat to the security of modern processors. The RISC-V BOOM core is an open-source modern processor design widely utilized in research and industry. It enables experimentation with microarchitec- tures and memory hierarchies for optimized performance in various workloads. The RISC-V BOOM core finds application in the IoT and Embedded systems sector, where addressing side-channel attacks becomes crucial due to the significant emphasis on security. While prior studies on BOOM mainly focus on the side channel in the memory hierarchy such as caches or physical attacks such as power side channel. Recently, the front-end of microprocessors, which is responsible for fetching and decoding instructions, is found to be another potential source of side-channel attacks on Intel Processors. In this study, I present four timing-based side-channel attacks that leverage components in the front-end of BOOM. I tested the effectiveness of the attacks using a simulator and Xilinx VCU118 FPGA board. Finally, I provided possible mitigation techniques for these types of attacks to improve the overall security of modern processors. Our findings underscore the importance of identifying and addressing vulnerabilities in the front-end of modern pro- cessors, such as the BOOM core, to mitigate the risk of side-channel attacks and enhance system security.
- Signal generation and evaluation using Digital-to-Analog Converter and Signal Defined RadioChoudhury, Aakash (Virginia Tech, 2023-08-08)In contemporary communication systems, Digital-to-Analog Converters (DAC), Signal Defined Radio (SDR) signal creation, and clock data recovery are essential components. DACs convert digital signals to analog signals, creating continuous waveforms. DACs provide versatility in the transmission of SDR by supporting a range of communication protocols. Clock data recovery enables precise signal recovery and synchronization at the receiver end. These elements work together to provide effective and high-quality communication systems across several sectors. With the development of quantum computing, these SDR systems also find extensive use in generating precisely timed signals for controlling components of a quantum computer and also for read-out operations from various specialized instruments. This thesis demonstrates an FPGA (Xilinx vcu118) with a DAC (Analog Devices AD9081) platform. It employs SDR for generating of periodic signals and also stream of bits which are then recovered using a simple Clock Data Recovery technique. The signal integrity of the generated signals and error-rate from the proposed Clock Data Recovery technique is also analyzed.
- SoK: Fault Injection Attacks on CryptosystemsChiu, Tinghung; Xiong, Wenjie (ACM, 2023-10-29)Fault injection attacks are a powerful technique that intentionally induces faults during cryptographic computations to leak secret information. This paper provides a survey of fault attack techniques on different cryptosystems. The fault attack consists of two main components: fault modeling, which examines methods for injecting faults in a target device, and fault analysis, which analyzes the resulting faulty outputs to deduce secrets in each cryptosystem. We first categorize various fault attack methods by fault model and fault analysis.We then give examples of the various fault attacks on symmetric key cryptosystems and public key cryptosystems. This paper aims to provide a background on fault attack research and directions for further study on securing real-world cryptosystems against fault injection attacks.
- Survey of Approaches and Techniques for Security Verification of Computer SystemsErata, Ferhat; Deng, Shuwen; Zaghloul, Faisal; Xiong, Wenjie; Demir, Onur; Szefer, Jakub (ACM)This paper surveys the landscape of security verification approaches and techniques for computer systems at different levels: from a software-application level all the way to the physical hardware level. Different existing projects are compared, based on the tools used and security aspects being examined. Since many systems require both hardware and software components to work together to provide the system's promised security protections, it is not sufficient to verify just the software levels or just the hardware levels in a mutually exclusive fashion. This survey especially highlights system levels that are verified by the different existing projects and presents to the readers the state of the art in hardware and software system security verification. Few approaches come close to providing full-system verification, and there is still much room for improvement.
- Verification of DMAC Device Driver Operations in HOL4Platt, Robert Davis (Virginia Tech, 2024-05-31)Modern computer systems require efficient data transfers involving memory in order to get the best possible performance. However, even the most optimized CPUs take too long to access memory regions, which takes time away from doing the typical computations that a CPU is designed to do. To solve this, Direct Memory Access (DMA) is used, which allows peripherals and other hardware accelerators, such as stand-alone DMA Controllers (DMACs), to read and write memory without CPU intervention. However, DMA introduces security problems in which attackers are able to leak data and overwrite critical system components by bypassing typical operating system security mechanisms. This thesis presents a case study to model as well as verify DMA device driver code in HOL4, which is an interactive theorem prover (ITP) used for machine-checked verification. This thesis verifies parts of Intel's IXGBE X550 device driver, which is a complex, 10 Gbit Network Interface Card (NIC). This verification takes the first significant step towards proving that the DMA device driver configures the DMA device such that it preserves memory isolation, which ensures that only memory that is intended to be readable and writable will be accessed. This thesis also provides a formal method to verify that a loop terminates under all possible cases. This can be used to further verify the correctness of a DMA driver. These contributions allow for the overall increased security of memory when using DMA device drivers that are verified by this approach, leading to the hindrance of attacks on systems utilizing DMA.