Search

Your search keyword '"Sunar, Berk"' showing total 388 results
Start Over Author "Sunar, Berk"

Refine your results

more »

more »

more »

more »
388 results on '"Sunar, Berk"'

1. FAULT+PROBE: A Generic Rowhammer-based Bit Recovery Attack

Author

Derya, Kemal, Tol, M. Caner, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Hardware Architecture
Abstract

Rowhammer is a security vulnerability that allows unauthorized attackers to induce errors within DRAM cells. To prevent fault injections from escalating to successful attacks, a widely accepted mitigation is implementing fault checks on instructions and data. We challenge the validity of this assumption by examining the impact of the fault on the victim's functionality. Specifically, we illustrate that an attacker can construct a profile of the victim's memory based on the directional patterns of bit flips. This profile is then utilized to identify the most susceptible bit locations within DRAM rows. These locations are then subsequently leveraged during an online attack phase with side information observed from the change in the victim's behavior to deduce sensitive bit values. Consequently, the primary objective of this study is to utilize Rowhammer as a probe, shifting the emphasis away from the victim's memory integrity and toward statistical fault analysis (SFA) based on the victim's operational behavior. We show FAULT+PROBE may be used to circumvent the verify-after-sign fault check mechanism, which is designed to prevent the generation of erroneous signatures that leak sensitive information. It does so by injecting directional faults into key positions identified during a memory profiling stage. The attacker observes the signature generation rate and decodes the secret bit value accordingly. This circumvention is enabled by an observable channel in the victim. FAULT+PROBE is not limited to signing victims and can be used to probe secret bits on arbitrary systems where an observable channel is present that leaks the result of the fault injection attempt. To demonstrate the attack, we target the fault-protected ECDSA in wolfSSL's implementation of the TLS 1.3 handshake. We recover 256-bit session keys with an average recovery rate of 22 key bits/hour and a 100% success rate.

Published
2024

2. LeapFrog: The Rowhammer Instruction Skip Attack

Author

Adiletta, Andrew, Tol, Caner, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Hardware Architecture
Abstract

Since its inception, Rowhammer exploits have rapidly evolved into increasingly sophisticated threats not only compromising data integrity but also the control flow integrity of victim processes. Nevertheless, it remains a challenge for an attacker to identify vulnerable targets (i.e., Rowhammer gadgets), understand the outcome of the attempted fault, and formulate an attack that yields useful results. In this paper, we present a new type of Rowhammer gadget, called a LeapFrog gadget, which, when present in the victim code, allows an adversary to subvert code execution to bypass a critical piece of code (e.g., authentication check logic, encryption rounds, padding in security protocols). The Leapfrog gadget manifests when the victim code stores the Program Counter (PC) value in the user or kernel stack (e.g., a return address during a function call) which, when tampered with, re-positions the return address to a location that bypasses a security-critical code pattern. This research also presents a systematic process to identify Leapfrog gadgets. This methodology enables the automated detection of susceptible targets and the determination of optimal attack parameters. We first showcase this new attack vector through a practical demonstration on a TLS handshake client/server scenario, successfully inducing an instruction skip in a client application. We then demonstrate the attack on real-world code found in the wild, implementing an attack on OpenSSL. Our findings extend the impact of Rowhammer attacks on control flow and contribute to the development of more robust defenses against these increasingly sophisticated threats., Comment: Accepted at Hardware.io 2024

Published
2024

3. Mayhem: Targeted Corruption of Register and Stack Variables

Author

Adiletta, Andrew J., Tol, M. Caner, Doröz, Yarkın, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

In the past decade, many vulnerabilities were discovered in microarchitectures which yielded attack vectors and motivated the study of countermeasures. Further, architectural and physical imperfections in DRAMs led to the discovery of Rowhammer attacks which give an adversary power to introduce bit flips in a victim's memory space. Numerous studies analyzed Rowhammer and proposed techniques to prevent it altogether or to mitigate its effects. In this work, we push the boundary and show how Rowhammer can be further exploited to inject faults into stack variables and even register values in a victim's process. We achieve this by targeting the register value that is stored in the process's stack, which subsequently is flushed out into the memory, where it becomes vulnerable to Rowhammer. When the faulty value is restored into the register, it will end up used in subsequent iterations. The register value can be stored in the stack via latent function calls in the source or by actively triggering signal handlers. We demonstrate the power of the findings by applying the techniques to bypass SUDO and SSH authentication. We further outline how MySQL and other cryptographic libraries can be targeted with the new attack vector. There are a number of challenges this work overcomes with extensive experimentation before coming together to yield an end-to-end attack on an OpenSSL digital signature: achieving co-location with stack and register variables, with synchronization provided via a blocking window. We show that stack and registers are no longer safe from the Rowhammer attack., Comment: ACM ASIACCS 2024

Published
2023

4. ZeroLeak: Using LLMs for Scalable and Cost Effective Side-Channel Patching

Author

Tol, M. Caner and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Machine Learning, Computer Science - Software Engineering
Abstract

Security critical software, e.g., OpenSSL, comes with numerous side-channel leakages left unpatched due to a lack of resources or experts. The situation will only worsen as the pace of code development accelerates, with developers relying on Large Language Models (LLMs) to automatically generate code. In this work, we explore the use of LLMs in generating patches for vulnerable code with microarchitectural side-channel leakages. For this, we investigate the generative abilities of powerful LLMs by carefully crafting prompts following a zero-shot learning approach. All generated code is dynamically analyzed by leakage detection tools, which are capable of pinpointing information leakage at the instruction level leaked either from secret dependent accesses or branches or vulnerable Spectre gadgets, respectively. Carefully crafted prompts are used to generate candidate replacements for vulnerable code, which are then analyzed for correctness and for leakage resilience. From a cost/performance perspective, the GPT4-based configuration costs in API calls a mere few cents per vulnerability fixed. Our results show that LLM-based patching is far more cost-effective and thus provides a scalable solution. Finally, the framework we propose will improve in time, especially as vulnerability detection tools and LLMs mature.

Published
2023

6. An End-to-End Analysis of EMFI on Bit-sliced Post-Quantum Implementations

Author

Singh, Richa, Islam, Saad, Sunar, Berk, and Schaumont, Patrick

Subjects
Computer Science - Cryptography and Security
Abstract

Bit-slicing is a software implementation technique that treats an N-bit processor datapath as N parallel single-bit datapaths. The natural spatial redundancy of bit-sliced software can be used to build countermeasures against implementation attacks. While the merits of bit-slicing for side-channel countermeasures have been studied before, their application for protection of post-quantum algorithms against fault injection is still unexplored. We present an end-to-end analysis of the efficacy of bit-slicing to detect and thwart electromagnetic fault injection (EMFI) attacks on post-quantum cryptography (PQC). We study Dilithium, a digital signature finalist of the NIST PQC competition. We present a bit-slice-redundant design for the Number-Theoretic Transform (NTT), the most complex and compute-intensive component in Dilithium. We show a data-redundant countermeasure for NTT which offers two concurrent bits for every single bit in the original implementation. We then implement a full Dilithium signature sequence on a 667 MHz ARM Cortex-A9 processor integrated in a Xilinx Zynq SoC. We perform a detailed EM fault-injection parameter search to optimize the location, intensity and timing of injected EM pulses. We demonstrate that, under optimized fault injection parameters, about 10% of the injected faults become potentially exploitable. However, the bit-sliced NTT design is able to catch the majority of these potentially exploitable faults, even when the remainder of the Dilithium algorithm as well as the control flow is left unprotected. To our knowledge, this is the first demonstration of a bitslice-redundant design of Dilithium that offers distributed fault detection throughout the execution of the algorithm.

Published
2022

7. Signature Correction Attack on Dilithium Signature Scheme

Author

Islam, Saad, Mus, Koksal, Singh, Richa, Schaumont, Patrick, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

Motivated by the rise of quantum computers, existing public-key cryptosystems are expected to be replaced by post-quantum schemes in the next decade in billions of devices. To facilitate the transition, NIST is running a standardization process which is currently in its final Round. Only three digital signature schemes are left in the competition, among which Dilithium and Falcon are the ones based on lattices. Classical fault attacks on signature schemes make use of pairs of faulty and correct signatures to recover the secret key which only works on deterministic schemes. To counter such attacks, Dilithium offers a randomized version which makes each signature unique, even when signing identical messages. In this work, we introduce a novel Signature Correction Attack which not only applies to the deterministic version but also to the randomized version of Dilithium and is effective even on constant-time implementations using AVX2 instructions. The Signature Correction Attack exploits the mathematical structure of Dilithium to recover the secret key bits by using faulty signatures and the public-key. It can work for any fault mechanism which can induce single bit-flips. For demonstration, we are using Rowhammer induced faults. Thus, our attack does not require any physical access or special privileges, and hence could be also implemented on shared cloud servers. We perform a thorough classical and quantum security analysis of Dilithium and successfully recover 1,851 bits out of 3,072 bits of secret key $s_1$ for security level 2. The lattice strength against quantum attackers is reduced from $2^{128}$ to $2^{81}$ while the strength against classical attackers is reduced from $2^{141}$ to $2^{89}$. Hence, the Signature Correction Attack may be employed to achieve a practical attack on Dilithium (security level 2) as proposed in Round 3 of the NIST post-quantum standardization process.

Published
2022

8. IOTLB-SC: An Accelerator-Independent Leakage Source in Modern Cloud Systems

Author

Tiemann, Thore, Weissman, Zane, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Hardware Architecture, C.0, D.4.6
Abstract

Hardware peripherals such as GPUs and FPGAs are commonly available in server-grade computing to accelerate specific compute tasks, from database queries to machine learning. CSPs have integrated these accelerators into their infrastructure and let tenants combine and configure these components flexibly, based on their needs. Securing I/O interfaces is critical to ensure proper isolation between tenants in these highly complex, heterogeneous, yet shared server systems, especially in the cloud, where some peripherals may be under control of a malicious tenant. In this work, we investigate the interfaces that connect peripheral hardware components to each other and the rest of the system.We show that the I/O memory management units (IOMMUs) - intended to ensure proper isolation of peripherals - are the source of a new attack surface: the I/O translation look-aside buffer (IOTLB). We show that by using an FPGA accelerator card one can gain precise information over IOTLB activity. That information can be used for covert communication between peripherals without bothering CPU or to directly extract leakage from neighboring accelerated compute jobs such as GPU-accelerated databases. We present the first qualitative and quantitative analysis of this newly uncovered attack surface before fine-grained channels become widely viable with the introduction of CXL and PCIe 5.0. In addition, we propose possible countermeasures that software developers, hardware designers, and system administrators can use to suppress the observed side-channel leakages and analyze their implicit costs., Comment: 14 pages. 8 figures, 2 of which in appendix. To be published in ACM ASIA Conference on Computer and Communications Security (ASIA CCS '23)

Published
2022
Full Text
View/download PDF

9. Don't Knock! Rowhammer at the Backdoor of DNN Models

Author

Tol, M. Caner, Islam, Saad, Adiletta, Andrew J., Sunar, Berk, and Zhang, Ziming

Subjects
Computer Science - Machine Learning, Computer Science - Cryptography and Security
Abstract

State-of-the-art deep neural networks (DNNs) have been proven to be vulnerable to adversarial manipulation and backdoor attacks. Backdoored models deviate from expected behavior on inputs with predefined triggers while retaining performance on clean data. Recent works focus on software simulation of backdoor injection during the inference phase by modifying network weights, which we find often unrealistic in practice due to restrictions in hardware. In contrast, in this work for the first time, we present an end-to-end backdoor injection attack realized on actual hardware on a classifier model using Rowhammer as the fault injection method. To this end, we first investigate the viability of backdoor injection attacks in real-life deployments of DNNs on hardware and address such practical issues in hardware implementation from a novel optimization perspective. We are motivated by the fact that vulnerable memory locations are very rare, device-specific, and sparsely distributed. Consequently, we propose a novel network training algorithm based on constrained optimization to achieve a realistic backdoor injection attack in hardware. By modifying parameters uniformly across the convolutional and fully-connected layers as well as optimizing the trigger pattern together, we achieve state-of-the-art attack performance with fewer bit flips. For instance, our method on a hardware-deployed ResNet-20 model trained on CIFAR-10 achieves over 89% test accuracy and 92% attack success rate by flipping only 10 out of 2.2 million bits., Comment: 2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Published
2021

10. FastSpec: Scalable Generation and Detection of Spectre Gadgets Using Neural Embeddings

Author

Tol, M. Caner, Gulmezoglu, Berk, Yurtseven, Koray, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Machine Learning
Abstract

Several techniques have been proposed to detect vulnerable Spectre gadgets in widely deployed commercial software. Unfortunately, detection techniques proposed so far rely on hand-written rules which fall short in covering subtle variations of known Spectre gadgets as well as demand a huge amount of time to analyze each conditional branch in software. Moreover, detection tool evaluations are based only on a handful of these gadgets, as it requires arduous effort to craft new gadgets manually. In this work, we employ both fuzzing and deep learning techniques to automate the generation and detection of Spectre gadgets. We first create a diverse set of Spectre-V1 gadgets by introducing perturbations to the known gadgets. Using mutational fuzzing, we produce a data set with more than 1 million Spectre-V1 gadgets which is the largest Spectre gadget data set built to date. Next, we conduct the first empirical usability study of Generative Adversarial Networks (GANs) in the context of assembly code generation without any human interaction. We introduce SpectreGAN which leverages masking implementation of GANs for both learning the gadget structures and generating new gadgets. This provides the first scalable solution to extend the variety of Spectre gadgets. Finally, we propose FastSpec which builds a classifier with the generated Spectre gadgets based on a novel high dimensional Neural Embeddings technique (BERT). For the case studies, we demonstrate that FastSpec discovers potential gadgets with a high success rate in OpenSSL libraries and Phoronix benchmarks. Further, FastSpec offers much greater flexibility and time-related performance gain compared to the existing tools and therefore can be used for gadget detection in large-scale software., Comment: IEEE European Symposium on Security and Privacy 2021

Published
2020

11. CopyCat: Controlled Instruction-Level Attacks on Enclaves

Author

Moghimi, Daniel, Van Bulck, Jo, Heninger, Nadia, Piessens, Frank, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

The adversarial model presented by trusted execution environments (TEEs) has prompted researchers to investigate unusual attack vectors. One particularly powerful class of controlled-channel attacks abuses page-table modifications to reliably track enclave memory accesses at a page-level granularity. In contrast to noisy microarchitectural timing leakage, this line of deterministic controlled-channel attacks abuses indispensable architectural interfaces and hence cannot be mitigated by tweaking microarchitectural resources. We propose an innovative controlled-channel attack, named CopyCat, that deterministically counts the number of instructions executed within a single enclave code page. We show that combining the instruction counts harvested by CopyCat with traditional, coarse-grained page-level leakage allows the accurate reconstruction of enclave control flow at a maximal instruction-level granularity. CopyCat can identify intra-page and intra-cache line branch decisions that ultimately may only differ in a single instruction, underscoring that even extremely subtle control flow deviations can be deterministically leaked from secure enclaves. We demonstrate the improved resolution and practicality of CopyCat on Intel SGX in an extensive study of single-trace and deterministic attacks against cryptographic implementations, and give novel algorithmic attacks to perform single-trace key extraction that exploit subtle vulnerabilities in the latest versions of widely-used cryptographic libraries. Our findings highlight the importance of stricter verification of cryptographic implementations, especially in the context of TEEs., Comment: This paper will be presented at USENIX Security Symposium 2020. Please cite this work as: Daniel Moghimi, Jo Van Bulck, Nadia Heninger, Frank Piessens, Berk Sunar, "CopyCat: Controlled Instruction-Level Attacks on Enclaves" in Proceedings of the 29th USENIX Security Symposium, Boston, MA, August 2020

Published
2020

12. JackHammer: Efficient Rowhammer on Heterogeneous FPGA-CPU Platforms

Author

Weissman, Zane, Tiemann, Thore, Moghimi, Daniel, Custodio, Evan, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Hardware Architecture
Abstract

After years of development, FPGAs are finally making an appearance on multi-tenant cloud servers. These heterogeneous FPGA-CPU architectures break common assumptions about isolation and security boundaries. Since the FPGA and CPU architectures share hardware resources, a new class of vulnerabilities requires us to reassess the security and dependability of these platforms. In this work, we analyze the memory and cache subsystem and study Rowhammer and cache attacks enabled on two proposed heterogeneous FPGA-CPU platforms by Intel: the Arria 10 GX with an integrated FPGA-CPU platform, and the Arria 10 GX PAC expansion card which connects the FPGA to the CPU via the PCIe interface. We show that while Intel PACs currently are immune to cache attacks from FPGA to CPU, the integrated platform is indeed vulnerable to Prime and Probe style attacks from the FPGA to the CPU's last level cache. Further, we demonstrate JackHammer, a novel and efficient Rowhammer from the FPGA to the host's main memory. Our results indicate that a malicious FPGA can perform twice as fast as a typical Rowhammer attack from the CPU on the same system and causes around four times as many bit flips as the CPU attack. We demonstrate the efficacy of JackHammer from the FPGA through a realistic fault attack on the WolfSSL RSA signing implementation that reliably causes a fault after an average of fifty-eight RSA signatures, 25% faster than a CPU rowhammer attack. In some scenarios our JackHammer attack produces faulty signatures more than three times more often and almost three times faster than a conventional CPU rowhammer attack., Comment: Accepted to IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES), Volume 2020, Issue 3

Published
2019
Full Text
View/download PDF

13. TPM-FAIL: TPM meets Timing and Lattice Attacks

Author

Moghimi, Daniel, Sunar, Berk, Eisenbarth, Thomas, and Heninger, Nadia

Subjects
Computer Science - Cryptography and Security
Abstract

Trusted Platform Module (TPM) serves as a hardware-based root of trust that protects cryptographic keys from privileged system and physical adversaries. In this work, we perform a black-box timing analysis of TPM 2.0 devices deployed on commodity computers. Our analysis reveals that some of these devices feature secret-dependent execution times during signature generation based on elliptic curves. In particular, we discovered timing leakage on an Intel firmware-based TPM as well as a hardware TPM. We show how this information allows an attacker to apply lattice techniques to recover 256-bit private keys for ECDSA and ECSchnorr signatures. On Intel fTPM, our key recovery succeeds after about 1,300 observations and in less than two minutes. Similarly, we extract the private ECDSA key from a hardware TPM manufactured by STMicroelectronics, which is certified at Common Criteria (CC) EAL 4+, after fewer than 40,000 observations. We further highlight the impact of these vulnerabilities by demonstrating a remote attack against a StrongSwan IPsec VPN that uses a TPM to generate the digital signatures for authentication. In this attack, the remote client recovers the server's private authentication key by timing only 45,000 authentication handshakes via a network connection. The vulnerabilities we have uncovered emphasize the difficulty of correctly implementing known constant-time techniques, and show the importance of evolutionary testing and transparent evaluation of cryptographic implementations. Even certified devices that claim resistance against attacks require additional scrutiny by the community and industry, as we learn more about these attacks., Comment: The 29th USENIX Security Symposium (Usenix SEC 2020)

Published
2019

14. FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning

Author

Gulmezoglu, Berk, Moghimi, Ahmad, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Machine Learning
Abstract

The growing security threat of microarchitectural attacks underlines the importance of robust security sensors and detection mechanisms at the hardware level. While there are studies on runtime detection of cache attacks, a generic model to consider the broad range of existing and future attacks is missing. Unfortunately, previous approaches only consider either a single attack variant, e.g. Prime+Probe, or specific victim applications such as cryptographic implementations. Furthermore, the state-of-the art anomaly detection methods are based on coarse-grained statistical models, which are not successful to detect anomalies in a large-scale real world systems. Thanks to the memory capability of advanced Recurrent Neural Networks (RNNs) algorithms, both short and long term dependencies can be learned more accurately. Therefore, we propose FortuneTeller, which for the first time leverages the superiority of RNNs to learn complex execution patterns and detects unseen microarchitectural attacks in real world systems. FortuneTeller models benign workload pattern from a microarchitectural standpoint in an unsupervised fashion, and then, it predicts how upcoming benign executions are supposed to behave. Potential attacks and malicious behaviors will be detected automatically, when there is a discrepancy between the predicted execution pattern and the runtime observation. We implement FortuneTeller based on the available hardware performance counters on Intel processors and it is trained with 10 million samples obtained from benign applications. For the first time, the latest attacks such as Meltdown, Spectre, Rowhammer and Zombieload are detected with one trained model and without observing these attacks during the training. We show that FortuneTeller achieves F-score of 0.9970.

Published
2019

15. Fallout: Reading Kernel Writes From User Space

Author

Minkin, Marina, Moghimi, Daniel, Lipp, Moritz, Schwarz, Michael, Van Bulck, Jo, Genkin, Daniel, Gruss, Daniel, Piessens, Frank, Sunar, Berk, and Yarom, Yuval

Subjects
Computer Science - Cryptography and Security, Computer Science - Hardware Architecture
Abstract

Recently, out-of-order execution, an important performance optimization in modern high-end processors, has been revealed to pose a significant security threat, allowing information leaks across security domains. In particular, the Meltdown attack leaks information from the operating system kernel to user space, completely eroding the security of the system. To address this and similar attacks, without incurring the performance costs of software countermeasures, Intel includes hardware-based defenses in its recent Coffee Lake R processors. In this work, we show that the recent hardware defenses are not sufficient. Specifically, we present Fallout, a new transient execution attack that leaks information from a previously unexplored microarchitectural component called the store buffer. We show how unprivileged user processes can exploit Fallout to reconstruct privileged information recently written by the kernel. We further show how Fallout can be used to bypass kernel address space randomization. Finally, we identify and explore microcode assists as a hitherto ignored cause of transient execution. Fallout affects all processor generations we have tested. However, we notice a worrying regression, where the newer Coffee Lake R processors are more vulnerable to Fallout than older generations.

Published
2019

16. Credential Masquerading and OpenSSL Spy: Exploring ROS 2 using DDS security

Author

DiLuoffo, Vincenzo, Michalson, William R., and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

The trend toward autonomous robot deployments is on an upward growth curve. These robots are undertaking new tasks and are being integrated into society. Examples of this trend are autonomous vehicles, humanoids, and eldercare. The movement from factory floors to streets and homes has also increased the number of vulnerabilities that adversaries can utilize. To improve security, Robot Operating System (ROS) 2 has standardized on using Data Distributed Services (DDS) as the messaging layer, which supports a security standard for protecting messages between parties with access control enforcement. DDS security is dependent on the OpenSSL and a security configuration file that specifies sensitive data location. DSS Security assumes that the underlining Operating System (OS) is secure and that the dependencies are consistent, but ongoing integrity checks are not performed. This paper looks at two vulnerabilities that we exploit using an OpenSSL spy process and a security property file manipulation. An overview of each exploit is provided with an evaluation of mitigation technologies that may be employed in client computers, servers, and other areas. Since, ROS 2 and DDS run in user space, these processes are prone to vulnerabilities. We provide recommendations about mitigation technology, as currently autonomous platforms are being deployed without safe-guards for on or off-line threats. The Trust Platform Module (TPM) is new to robotic systems, but the standard usage model does not provide risk mitigation above the OS layer for the types of attacks we discuss.

Published
2019

17. SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks

Author

Islam, Saad, Moghimi, Ahmad, Bruhns, Ida, Krebbel, Moritz, Gulmezoglu, Berk, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

Modern microarchitectures incorporate optimization techniques such as speculative loads and store forwarding to improve the memory bottleneck. The processor executes the load speculatively before the stores, and forwards the data of a preceding store to the load if there is a potential dependency. This enhances performance since the load does not have to wait for preceding stores to complete. However, the dependency prediction relies on partial address information, which may lead to false dependencies and stall hazards. In this work, we are the first to show that the dependency resolution logic that serves the speculative load can be exploited to gain information about the physical page mappings. Microarchitectural side-channel attacks such as Rowhammer and cache attacks like Prime+Probe rely on the reverse engineering of the virtual-to-physical address mapping. We propose the SPOILER attack which exploits this leakage to speed up this reverse engineering by a factor of 256. Then, we show how this can improve the Prime+Probe attack by a 4096 factor speed up of the eviction set search, even from sandboxed environments like JavaScript. Finally, we improve the Rowhammer attack by showing how SPOILER helps to conduct DRAM row conflicts deterministically with up to 100% chance, and by demonstrating a double-sided Rowhammer attack with normal user's privilege. The later is due to the possibility of detecting contiguous memory pages using the SPOILER leakage., Comment: The 28th USENIX Security Symposium (USENIX Security '19)

Published
2019

18. Undermining User Privacy on Mobile Devices Using AI

Author

Gulmezoglu, Berk, Zankl, Andreas, Tol, M. Caner, Islam, Saad, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence
Abstract

Over the past years, literature has shown that attacks exploiting the microarchitecture of modern processors pose a serious threat to the privacy of mobile phone users. This is because applications leave distinct footprints in the processor, which can be used by malware to infer user activities. In this work, we show that these inference attacks are considerably more practical when combined with advanced AI techniques. In particular, we focus on profiling the activity in the last-level cache (LLC) of ARM processors. We employ a simple Prime+Probe based monitoring technique to obtain cache traces, which we classify with Deep Learning methods including Convolutional Neural Networks. We demonstrate our approach on an off-the-shelf Android phone by launching a successful attack from an unprivileged, zeropermission App in well under a minute. The App thereby detects running applications with an accuracy of 98% and reveals opened websites and streaming videos by monitoring the LLC for at most 6 seconds. This is possible, since Deep Learning compensates measurement disturbances stemming from the inherently noisy LLC monitoring and unfavorable cache characteristics such as random line replacement policies. In summary, our results show that thanks to advanced AI techniques, inference attacks are becoming alarmingly easy to implement and execute in practice. This once more calls for countermeasures that confine microarchitectural leakage and protect mobile phone applications, especially those valuing the privacy of their users.

Published
2018

20. MicroWalk: A Framework for Finding Side Channels in Binaries

Author

Wichelmann, Jan, Moghimi, Ahmad, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by incremental software patches for the RSA algorithm against variants of side-channel attacks within different versions of cryptographic libraries, protecting security-critical algorithms against side channels is an intricate task. Software protections avoid leakages by operating in constant time with a uniform resource usage pattern independent of the processed secret. In this respect, automated testing and verification of software binaries for leakage-free behavior is of importance, particularly when the source code is not available. In this work, we propose a novel technique based on Dynamic Binary Instrumentation and Mutual Information Analysis to efficiently locate and quantify memory based and control-flow based microarchitectural leakages. We develop a software framework named \tool~for side-channel analysis of binaries which can be extended to support new classes of leakage. For the first time, by utilizing \tool, we perform rigorous leakage analysis of two widely-used closed-source cryptographic libraries: \emph{Intel IPP} and \emph{Microsoft CNG}. We analyze $15$ different cryptographic implementations consisting of $112$ million instructions in about $105$ minutes of CPU time. By locating previously unknown leakages in hardened implementations, our results suggest that \tool~can efficiently find microarchitectural leakages in software binaries.

Published
2018
Full Text
View/download PDF

21. DeepCloak: Adversarial Crafting As a Defensive Measure to Cloak Processes

Author

Inci, Mehmet Sinan, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

Over the past decade, side-channels have proven to be significant and practical threats to modern computing systems. Recent attacks have all exploited the underlying shared hardware. While practical, mounting such a complicated attack is still akin to listening on a private conversation in a crowded train station. The attacker has to either perform significant manual labor or use AI systems to automate the process. The recent academic literature points to the latter option. With the abundance of cheap computing power and the improvements made in AI, it is quite advantageous to automate such tasks. By using AI systems however, malicious parties also inherit their weaknesses. One such weakness is undoubtedly the vulnerability to adversarial samples. In contrast to the previous literature, for the first time, we propose the use of adversarial learning as a defensive tool to obfuscate and mask private information. We demonstrate the viability of this approach by first training CNNs and other machine learning classifiers on leakage trace of different processes. After training highly accurate models (99+% accuracy), we investigate their resolve against adversarial learning methods. By applying minimal perturbations to input traces, the adversarial traffic by the defender can run as an attachment to the original process and cloak it against a malicious classifier. Finally, we investigate whether an attacker can protect her classifier model by employing adversarial defense methods, namely adversarial re-training and defensive distillation. Our results show that even in the presence of an intelligent adversary that employs such techniques, all 10 of the tested adversarial learning methods still manage to successfully craft adversarial perturbations and the proposed cloaking methodology succeeds., Comment: 12 pages, 8 figures, published at DYNAMICS 2019

Published
2018

22. MemJam: A False Dependency Attack against Constant-Time Crypto Implementations

Author

Moghimi, Ahmad, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

Cache attacks exploit memory access patterns of cryptographic implementations. Constant-Time implementation techniques have become an indispensable tool in fighting cache timing attacks. These techniques engineer the memory accesses of cryptographic operations to follow a uniform key independent pattern. However, the constant-time behavior is dependent on the underlying architecture, which can be highly complex and often incorporates unpublished features. CacheBleed attack targets cache bank conflicts and thereby invalidates the assumption that microarchitectural side-channel adversaries can only observe memory with cache line granularity. In this work, we propose MemJam, a side-channel attack that exploits false dependency of memory read-after-write and provides a high quality intra cache level timing channel. As a proof of concept, we demonstrate the first key recovery attacks on a constant-time implementation of AES, and a SM4 implementation with cache protection in the current Intel Integrated Performance Primitives (Intel IPP) cryptographic library. Further, we demonstrate the first intra cache level timing attack on SGX by reproducing the AES key recovery results on an enclave that performs encryption using the aforementioned constant-time implementation of AES. Our results show that we can not only use this side channel to efficiently attack memory dependent cryptographic operations but also to bypass proposed protections. Compared to CacheBleed, which is limited to older processor generations, MemJam is the first intra cache level attack applicable to all major Intel processors including the latest generations that support the SGX extension.

Published
2017
Full Text
View/download PDF

23. Did we learn from LLC Side Channel Attacks? A Cache Leakage Detection Tool for Crypto Libraries

Author

Irazoqui, Gorka, Cong, Kai, Guo, Xiaofei, Khattri, Hareesh, Kanuparthi, Arun, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks. Our methodology discovers vulnerabilities that are hard to find with other techniques, observed as exploitable leakage. The methodology works by identifying secret dependent memory and introducing forced evictions inside potentially vulnerable code to obtain cache traces that are analyzed using Mutual Information. If dependence is observed, the cryptographic implementation is classified as to leak information. We demonstrate the viability of our technique in the design of the three main cryptographic primitives, i.e., AES, RSA and ECC, in eight popular up to date cryptographic libraries, including OpenSSL, Libgcrypt, Intel IPP and NSS. Our results show that cryptographic code designers are far away from incorporating the appropriate countermeasures to avoid cache leakages, as we found that 50% of the default implementations analyzed leaked information that lead to key extraction. We responsibly notified the designers of all the leakages found and suggested patches to solve these vulnerabilities.

Published
2017

24. PerfWeb: How to Violate Web Privacy with Hardware Performance Events

Author

Gulmezoglu, Berk, Zankl, Andreas, Eisenbarth, Thomas, and Sunar, Berk

Subjects
Computer Science - Cryptography and Security
Abstract

The browser history reveals highly sensitive information about users, such as financial status, health conditions, or political views. Private browsing modes and anonymity networks are consequently important tools to preserve the privacy not only of regular users but in particular of whistleblowers and dissidents. Yet, in this work we show how a malicious application can infer opened websites from Google Chrome in Incognito mode and from Tor Browser by exploiting hardware performance events (HPEs). In particular, we analyze the browsers' microarchitectural footprint with the help of advanced Machine Learning techniques: k-th Nearest Neighbors, Decision Trees, Support Vector Machines, and in contrast to previous literature also Convolutional Neural Networks. We profile 40 different websites, 30 of the top Alexa sites and 10 whistleblowing portals, on two machines featuring an Intel and an ARM processor. By monitoring retired instructions, cache accesses, and bus cycles for at most 5 seconds, we manage to classify the selected websites with a success rate of up to 86.3%. The results show that hardware performance events can clearly undermine the privacy of web users. We therefore propose mitigation strategies that impede our attacks and still allow legitimate use of HPEs.

Published
2017

25. Homomorphic Rank Sort Using Surrogate Polynomials

Author

Çetin, Gizem S., Sunar, Berk, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Lange, Tanja, editor, and Dunkelman, Orr, editor

Published
2019
Full Text
View/download PDF

26. Flattening NTRU for Evaluation Key Free Homomorphic Encryption

Author

Doröz Yarkın and Sunar Berk

Subjects
homomorphic encryption, flattening, ntru, dspr, subfield lattice attack, 94a60, 03g10, 81p94, Mathematics, QA1-939
Abstract

We propose a new FHE scheme F-NTRU that adopts the flattening technique proposed in GSW to derive an NTRU based scheme that (similar to GSW) does not require evaluation keys or key switching. Our scheme eliminates the decision small polynomial ratio assumption but relies only on the standard R-LWE assumption. It uses wide key distributions, and hence is immune to Subfield Lattice Attack. In practice, our scheme achieves competitive timings compared to the existing schemes. We are able to compute a homomorphic multiplication in 24.4 msec and 76.0 msec for 5 and 30 levels, respectively, without amortization. Furthermore, our scheme features small ciphertexts, e.g. 2376 KB for 30 levels. The assurance gained by using wide key distributions along with the message space flexibility of the scheme, i.e. bits, binary polynomials, and integers with a large message space, allows the use of the proposed scheme in a wide array of applications.

Published
2020
Full Text
View/download PDF

27. MemJam: A False Dependency Attack Against Constant-Time Crypto Implementations in SGX

Author

Moghimi, Ahmad, Eisenbarth, Thomas, Sunar, Berk, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, and Smart, Nigel P., editor

Published
2018
Full Text
View/download PDF

28. Fully Homomorphic Encryption from the Finite Field Isomorphism Problem

Author

Doröz, Yarkın, Hoffstein, Jeffrey, Pipher, Jill, Silverman, Joseph H., Sunar, Berk, Whyte, William, Zhang, Zhenfei, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, Abdalla, Michel, editor, and Dahab, Ricardo, editor

Published
2018
Full Text
View/download PDF

32. On-the-fly Homomorphic Batching/Unbatching

Author

Doröz, Yarkın, Çetin, Gizem S., Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Clark, Jeremy, editor, Meiklejohn, Sarah, editor, Ryan, Peter Y.A., editor, Wallach, Dan, editor, Brenner, Michael, editor, and Rohloff, Kurt, editor

Published
2016
Full Text
View/download PDF

33. Cache Attacks Enable Bulk Key Recovery on the Cloud

Author

İnci, Mehmet Sinan, Gulmezoglu, Berk, Irazoqui, Gorka, Eisenbarth, Thomas, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Gierlichs, Benedikt, editor, and Poschmann, Axel Y., editor

Published
2016
Full Text
View/download PDF

34. Co-location Detection on the Cloud

Author

İnci, Mehmet Sinan, Gulmezoglu, Berk, Eisenbarth, Thomas, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Standaert, François-Xavier, editor, and Oswald, Elisabeth, editor

Published
2016
Full Text
View/download PDF

35. cuHE: A Homomorphic Encryption Accelerator Library

Author

Dai, Wei, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Pasalic, Enes, editor, and Knudsen, Lars R., editor

Published
2016
Full Text
View/download PDF

37. Accelerating LTV Based Homomorphic Encryption in Reconfigurable Hardware

Author

Doröz, Yarkın, Öztürk, Erdinç, Savaş, Erkay, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Güneysu, Tim, editor, and Handschuh, Helena, editor

Published
2015
Full Text
View/download PDF

38. Accelerating SWHE Based PIRs Using GPUs

Author

Dai, Wei, Doröz, Yarkın, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Brenner, Michael, editor, Christin, Nicolas, editor, Johnson, Benjamin, editor, and Rohloff, Kurt, editor

Published
2015
Full Text
View/download PDF

39. Depth Optimized Efficient Homomorphic Sorting

Author

Çetin, Gizem S., Doröz, Yarkın, Sunar, Berk, Savaş, Erkay, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Lauter, Kristin, editor, and Rodríguez-Henríquez, Francisco, editor

Published
2015
Full Text
View/download PDF

40. A Faster and More Realistic Flush+Reload Attack on AES

Author

Gülmezoğlu, Berk, İnci, Mehmet Sinan, Irazoqui, Gorka, Eisenbarth, Thomas, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Mangard, Stefan, editor, and Poschmann, Axel Y., editor

Published
2015
Full Text
View/download PDF

41. Toward Practical Homomorphic Evaluation of Block Ciphers Using Prince

Author

Doröz, Yarkın, Shahverdi, Aria, Eisenbarth, Thomas, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Böhme, Rainer, editor, Brenner, Michael, editor, Moore, Tyler, editor, and Smith, Matthew, editor

Published
2014
Full Text
View/download PDF

42. Bandwidth Efficient PIR from NTRU

Author

Doröz, Yarkın, Sunar, Berk, Hammouri, Ghaith, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Böhme, Rainer, editor, Brenner, Michael, editor, Moore, Tyler, editor, and Smith, Matthew, editor

Published
2014
Full Text
View/download PDF

43. Wait a Minute! A fast, Cross-VM Attack on AES

Author

Irazoqui, Gorka, Inci, Mehmet Sinan, Eisenbarth, Thomas, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Stavrou, Angelos, editor, Bos, Herbert, editor, and Portokalidis, Georgios, editor

Published
2014
Full Text
View/download PDF

50. An Emerging Threat: Eve Meets a Robot : (Work-in-Progress)

Author

Akdemir, Kahraman D., Karakoyunlu, Deniz, Padir, Taskin, Sunar, Berk, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Chen, Liqun, editor, and Yung, Moti, editor

Published
2011
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results