SecuStack: Securing the Leaky Hardware/Software Boundary
Problem: Side-channel leaks via timing, cache, and speculation can expose sensitive information across traditional isolation barriers, putting our data at risk. Unfortunately, despite decades-long attempts to eliminate these leaks...
Problem: Side-channel leaks via timing, cache, and speculation can expose sensitive information across traditional isolation barriers, putting our data at risk. Unfortunately, despite decades-long attempts to eliminate these leaks, new attacks are discovered by the day. Fundamentally, this is due to the following mismatch: Today's hardware is extremely complicated because of its myriad fast paths and performance optimizations, yet, we reason about it based on coarse, implicit, and inaccurate models. This divide between model and reality results in leaks and inefficient systems that fail to keep our data safe.
Aim: SecuStack wants to put an end to this seemingly endless cycle of new attacks and defenses through a radically new approach based on the following insight: To effectively secure computer systems against side-channel leaks, we need to know when the hardware leaks, at the level of gates, flip-flops, and wires.
Approach: SecuStack will leverage this insight via the following four research tasks. First, the SecuStack team will automatically construct per-processor, ground-truth leakage models at the hardware level (T1). Next, we will use those models to describe leakage at the assembly (ISA) level (T2), which in turn will allow us to synthesize provably correct software defenses (T3). These steps build on research breakthroughs from my recent work. To remain feasible for a small team in a five-year timeframe, SecuStack will not target legacy toolchains but instead aim for a breakthrough in a tightly controlled setting, based on open-source RISC-V processors and a custom compilation toolchain. Finally, we will demonstrate immediate practical impact by implementing two challenging case studies: a silicon root of trust and an enclave monitor (T4).
Impact: If successful, this ambitious effort will yield the first provably secure end-to-end timing, cache, and speculation safe systems and pave the way towards secure infrastructure for the future.ver más
Seleccionando "Aceptar todas las cookies" acepta el uso de cookies para ayudarnos a brindarle una mejor experiencia de usuario y para analizar el uso del sitio web. Al hacer clic en "Ajustar tus preferencias" puede elegir qué cookies permitir. Solo las cookies esenciales son necesarias para el correcto funcionamiento de nuestro sitio web y no se pueden rechazar.
Cookie settings
Nuestro sitio web almacena cuatro tipos de cookies. En cualquier momento puede elegir qué cookies acepta y cuáles rechaza. Puede obtener más información sobre qué son las cookies y qué tipos de cookies almacenamos en nuestra Política de cookies.
Son necesarias por razones técnicas. Sin ellas, este sitio web podría no funcionar correctamente.
Son necesarias para una funcionalidad específica en el sitio web. Sin ellos, algunas características pueden estar deshabilitadas.
Nos permite analizar el uso del sitio web y mejorar la experiencia del visitante.
Nos permite personalizar su experiencia y enviarle contenido y ofertas relevantes, en este sitio web y en otros sitios web.