Visible to the public Peapods: OS-Independent Memory Confidentiality for Cryptographic Engines

TitlePeapods: OS-Independent Memory Confidentiality for Cryptographic Engines
Publication TypeConference Paper
Year of Publication2018
AuthorsLi, Congwu, Lin, Jingqiang, Cai, Quanwei, Luo, Bo
Conference Name2018 IEEE Intl Conf on Parallel Distributed Processing with Applications, Ubiquitous Computing Communications, Big Data Cloud Computing, Social Computing Networking, Sustainable Computing Communications (ISPA/IUCC/BDCloud/SocialCom/SustainCom)
Date Publisheddec
Keywordsautomatic protection, code fragments, compiler, compiler security, compositionality, confidentiality, cryptographic engines, Cryptographic Implementation, cryptographic keys, cryptography, data protection, DRAM chips, Encryption, Engines, Kernel, memory disclosure attack, memory disclosure attacks, Metrics, operating systems (computers), OS kernel, OS-independent memory confidentiality, Peapods, program compilers, pubcrawl, Random access memory, Registers, Resiliency, Scalability, sensitive variables, software engines, Transactional memory, user-mode protection
AbstractCryptography is widely adopted in computer systems to protect the confidentiality of sensitive information. The security relies on the assumption that cryptography keys are never leaked, which may be broken by the memory disclosure attacks, e.g., the Heartbleed and coldboot attacks. Various schemes are proposed to defend against memory disclosure attacks, e.g., performing the cryptographic computations in registers, or adopting the hardware features (e.g., Intel TSX and Intel SGX) to ensure that the plaintext of the cryptography key never appears in memory. However, these schemes are still not widely deployed due to the following limitations: (a) Most of the schemes are deployed in the OS kernel and require the root (or administrator) privileges of the host; and (b) They require the programmers to integrate these protection schemes in the implementation of different cryptography algorithms on different platforms. In this paper, we propose a tool implemented in Clang/LLVM, named Peapods, which provides the user-mode protection for cryptographic keys in software engines. It introduces one qualifier and three intrinsics for the programmers to specify the sensitive variables and code fragments to be protected, making it easier to be deployed. Peapods adopts transactional memory to protect cryptographic keys, while it is OS-independent and does not require the cryptographic computation performed in the OS kernel. Peapods supports the automatic protection between transactions for better performance. We have implemented the prototype of Peapods. Evaluation results demonstrate that Peapods achieves the design goals with a modest overhead (less than 10%).
DOI10.1109/BDCloud.2018.00128
Citation Keyli_peapods:_2018