Preventing Page Faults from Telling Your Secrets
Title | Preventing Page Faults from Telling Your Secrets |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Shinde, Shweta, Chua, Zheng Leong, Narayanan, Viswesh, Saxena, Prateek |
Conference Name | Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4233-9 |
Keywords | channel coding, composability, defense, hardware security, Intel SGX, Metrics, pubcrawl, Resiliency, side-channel |
Abstract | New hardware primitives such as Intel SGX secure a user-level process in presence of an untrusted or compromised OS. Such "enclaved execution" systems are vulnerable to several side-channels, one of which is the page fault channel. In this paper, we show that the page fault side-channel has sufficient channel capacity to extract bits of encryption keys from commodity implementations of cryptographic routines in OpenSSL and Libgcrypt - leaking 27% on average and up to 100% of the secret bits in many case-studies. To mitigate this, we propose a software-only defense that masks page fault patterns by determinising the program's memory access behavior. We show that such a technique can be built into a compiler, and implement it for a subset of C which is sufficient to handle the cryptographic routines we study. This defense when implemented generically can have significant overhead of up to 4000X, but with help of developer-assisted compiler optimizations, the overhead reduces to at most 29.22% in our case studies. Finally, we discuss scope for hardware-assisted defenses, and show one solution that can reduce overheads to 6.77% with support from hardware changes. |
URL | http://doi.acm.org/10.1145/2897845.2897885 |
DOI | 10.1145/2897845.2897885 |
Citation Key | shinde_preventing_2016 |