Securing Cloud-assisted Services
|
|
- Allen Osborne
- 5 years ago
- Views:
Transcription
1 Securing Cloud-assisted Services N. Asokan
2 Services are moving to the cloud 2
3 Services are moving to the cloud Example: cloud-based malware scanning service Example: cloud storage 3
4 Cloud-based malware scanning service Needs to learn about apps installed on client devices Can therefore infer personal characteristics of users 4
5 Securing cloud storage Client-side encryption of user data is desirable But naïve client-side encryption conflicts with Storage provider s business requirement: deduplication ([LPA15] ACM CCS 15) End user s usability requirement: multi-device access ([P+17] IEEE IC 17, CeBIT 16) 5
6 New privacy and security concerns arise Example: cloud-based malware scanning service Example: cloud storage Naïve solutions conflict with other requirements privacy, usability, deployability 6
7 CloSer project: the big picture Cloud Security Services , funded by Academy of Finland , funded by Tekes Academics collaborating with Industry Security Usability Deployability/Cost 7
8 The Circle Game: Scalable Private Membership Test Using Trusted Hardware Sandeep Tamrakar 1 Jian Liu 1 Andrew Paverd 1 Jan-Erik Ekberg 2 Benny Pinkas 3 N. Asokan 1 1. Aalto University, Finland 2. Huawei (work done while at Trustonic) 3. Bar-Ilan University, Israel
9 Malware checking Mobile device A h(apk) User Malware DB On-device checking High communication and computation costs Database changes frequently Database is revealed to everyone Cloud-based checking Minimal communication and computation costs Database can change frequently Database is not revealed to everyone User privacy at risk! 9
10 Private Membership Test (PMT) The problem: How to preserve end user privacy when querying cloud-hosted databases? Mobile device A q? Malware DB x 1 x 2 x 3 x n User Lookup Server Server must not learn contents of client query (q). Current solutions (e.g. private set intersection, private information retrieval): Single server: expensive in both computation and/or communication Multiple independent servers: unrealistic in commercial setting Can hardware-assisted trusted execution environments provide a practical solution? 10
11 Trusted Execution Environments are pervasive Other Software Trusted Software Protected Storage Hardware support for - Isolated execution: Trusted Execution Environment - Protected storage: Sealing - Ability to report status to a remote verifier: Remote Attestation Root of Trust Cryptocards Trusted Platform Modules ARM TrustZone Intel Software Guard Extensions [EKA14] Untapped potential of trusted execution environments, IEEE S&P Magazine, 12:04 (2014) 11
12 Background: Kinibi on ARM TrustZone Trusted Untrusted Rich Execution Environment (REE) Trusted Execution Environment (TEE) Kinibi Trusted OS from Trustonic Adversary Observe Client App Shared Memory *Kinibi: Trusted OS from Trustonic Trusted App On-Chip Memory Remote attestation Establish a trusted channel Rich OS TrustZone Hardware Extensions Trusted OS (Kinibi) Private memory Confidentiality Integrity Obliviousness 12
13 Background: Intel SGX Trusted Untrusted OS CPU enforced TEE (enclave) Adversary Observe System Memory Remote attestation User Process Secure memory Enclave App Data App Code TEE (Encrypted & integrity-protected) Enclave Page Cache Enclave Code Enclave Data Confidentiality Integrity Obliviousness only within 4 KB page granularity REE Physical address space 13
14 System model Dictionary provider x 1 x 2... x n Dictionary: X REE Untrusted application Lookup Server TEE Trusted application Information x leak: Memory access patterns i r (q == ) Mobile device A h(apk) Query: q Query buffer User Response: r Response buffer Secure channel with remote attestation 14
15 Path ORAM b 0 b 1 b 2 Untrusted Trusted b 3 b 4 b 5 b 6 b 7 b 8 b 9 b 10 b 11 b 12 b 13 b 14 P 0 P 1 P 2 P 3 P 4 P 5 P 6 P 7 TEE Position Map Stash P 3 P 0 P 37 P 3 b 15 P 1 P 0 b 0 P 3 b 1 P 0 O(log(n)) computational b 0 b 1 b 4 and bconstant 10 communication b 16 overhead per query b 4 P 37 q Not amenable q for simultaneous b 4? queries O(mlog(n)) f locate_block (q) = b4 b 10 P b 14 P 7 Stefanov et al. ACM CCS 2013, 15
16 Android app landscape On average a user installs 95 apps (Yahoo Aviate) Yahoo Aviate study Source: Unique new Android malware samples Source: G Data Source: G Data new-android-malware-samples-every-day Current dictionary size < 2 24 entries Even comparatively high FPR (e.g., ~2-10 ) may have negligible impact on privacy 16
17 Cloud-scale PMT Verify Apps: cloud-based service to check for harmful Android apps prior to installation over 1 billion devices protected by Google s security services, and over 400 million device security scans were conducted per day Android Security 2015 Year in Review (c.f. < 13 million malware samples) 17
18 Requirements Query Privacy: Adversary cannot learn/infer query or response content User can always choose to reveal query content Accuracy: No false negatives However, some false positives are tolerable (i.e. non-zero false positive rate) Response Latency: Respond quickly to each query Server Scalability: Maximize overall throughput (queries per second) 18
19 Requirements revisited Query Privacy: Adversary cannot learn/infer query or response content User can always choose to reveal queries Accuracy: No false negatives However, some false positives are tolerable (i.e. non-zero false positive rate) FPR* = 2-10 Response Latency: Respond quickly to each query Latency* ~ 1s Server Scalability: Maximize overall throughput (queries per second) Dictionary size* = 2 26 entries (~ 67 million entries) * parameters suggested by a major anti-malware vendor 19
20 Carousel design pattern Lookup Server REE Untrusted application TEE Trusted application Dictionary provider x 1 x 2... x n Dictionary: X r = ( q X ) User Mobile device A h(apk) Query: q Response: r Query buffer Response buffer 20
21 Carousel caveats 1. Adversary can measure dictionary processing time Spend equal time processing each dictionary entry 2. Adversary can measure query-response time Only respond after one full carousel cycle Both impact response latency (recall Requirements) Therefore, aim to minimize carousel cycle time 21
22 How to minimize carousel cycle time? Represent dictionary using efficient data structure Various existing data structures support membership test: Bloom Filter Cuckoo hash Experimental evaluation required for carousel approach 22
23 Carousel design pattern REE Lookup Server TEE Dictionary provider x 1 x 2... x n Dictionary: X Encode Untrusted application y 1 y 2... y m Trusted application r = ( q Y ) Dictionary representation: Y Query representation Mobile device A h(apk) Query: q Query buffer User Response: r Response buffer Secure channel with remote attestation 23
24 Experimental evaluation Kinibi on ARM TrustZone Samsung Exynos 5250 (Arndale) 1.7 GHz dual-core ARM Cortex-A17 Android ARM GCC compiler and Kinibi libraries Maximum TA private memory: 1 MB Maximum shared memory: 1 MB Intel SGX HP EliteDesk 800 G2 desktop 3.2 GHz Intel Core i CPU 8 GB RAM Windows 7 (64 bit), 4 KB page size Microsoft C/C++ compiler Intel SGX SDK for Windows Note: Different CPU speeds and architectures 24
25 Performance: batch queries Kinibi on ARM TrustZone Intel SGX 25
26 Performance: steady state Breakdown points Kinibi on ARM TrustZone Intel SGX Beyond breakdown point query response latency increases over time 26
27 Other applications of PMT Private contact discovery in messaging apps Discovery of leaked passwords Signal private contact discovery, Sep 2017 [KLSAP17] PETS
28 The Circle Game: Scalable Private Membership Test Using Trusted Hardware Sandeep Tamrakar 1 Jian Liu 1 Andrew Paverd 1 Jan-Erik Ekberg 2 Benny Pinkas 3 N. Asokan 1 1. Aalto University, Finland 2. Darkmatter (work done while at Trustonic) 3. Bar-Ilan University, Israel
29 Oblivious Neural Network Predictions via MiniONN Transformations N. Asokan (Joint work with Jian Liu, Mika Juuti, Yao Lu) By Source, Fair use,
30 Machine learning as a service (MLaaS) Input Predictions violation of clients privacy 3
31 Running predictions on client-side Model model theft evasion model inversion 4
32 Oblivious Neural Networks (ONN) Given a neural network, is it possible to make it oblivious? server learns nothing about clients' input; clients learn nothing about the model. 5
33 Example: CryptoNets FHE-encrypted input FHE-encrypted predictions High throughput for batch queries from same client High overhead for single queries: 297.5s and 372MB (MNIST dataset) Cannot support: high-degree polynomials, comparisons, [GDLLNW16] CryptoNets, ICML
34 MiniONN: Overview By Source, Fair use, Blinded input oblivious protocols Blinded predictions Low overhead: ~1s Support all common neural networks 7
35 Example Skip to performance z x' y x All operations are in a finite field 8
36 Skip to performance Core idea: use secret sharing for oblivious computation y' z + c s y' c x' client & server have shares and s.t. c y client & server have shares and s.t. Use efficient cryptographic primitives (2PC, additively homomorphic encryption) 9
37 Secret sharing initial input x Note that x c is independent of x. Can be pre-chosen 10
38 Oblivious linear transformation Compute locally by the server Dot-product 11
39 Oblivious linear transformation: dot-product Homomorphic Encryption with SIMD u + v = W x c ; Note: u, v, and W x c are independent of x. <u,v,x c > generated/stored in a precomputation phase 12
40 Oblivious linear transformation 13
41 Oblivious linear transformation 14
42 Oblivious activation/pooling functions Piecewise linear functions e.g., ReLU: Oblivious ReLU: - easily computed obliviously by a garbled circuit 15
43 Oblivious activation/pooling functions Smooth functions e.g., Sigmoid: Oblivious sigmoid: x s + x c : = 1/(1 + e ( y - approximate by a piecewise linear function - then compute obliviously by a garbled circuit - empirically: ~14 segments sufficient s + y c ) ) 16
44 Combining the final result They can jointly calculate max(y 1,y 2 ) (for minimizing information leakage) 18
45 Core idea: use secret sharing for oblivious computation y' z + c s y' c x' c y 19
46 Performance (for single queries) Model Latency (s) Msg sizes (MB) Loss of accuracy MNIST/Square 0.4 (+ 0.88) 44 (+ 3.6) none CIFAR-10/ReLU 472 (+ 72) 6226 (+ 3046) none PTB/Sigmoid 4.39 (+ 13.9) 474 (+ 86.7) Less than 0.5% (cross-entropy loss) Pre-computation phase timings in parentheses PTB = Penn Treebank 22
47 MiniONN pros and cons Skip to End x faster than CryptoNets Still ~1000x slower than without privacy Can transform any given neural network to its oblivious variant Server can no longer filter requests or do sophisticated metering Assumes online connectivity to server Reveals structure (but not params) of NN 23
48 Using a client-side TEE to vet input 5. MiniONN protocol + Input/Metering Certificate 4. Input, Input/Metering Certificate 3. Input 1. Attest client s TEE app 2. Provision filtering policy MiniONN + policy filtering + advanced metering 25
49 Using a client-side TEE to run the model 5. Metering Certificate 4. Predictions + Metering Certificate 3. Input 1. Attest client s TEE app 2. Provision model configuration, filtering policy MiniONN + policy filtering + advanced metering + disconnected operation + performance + better privacy - harder to reason about model secrecy 26
50 Using a server-side TEE to run the model 3. Provision model configuration, filtering policy 1. Attest server s TEE app 2. Input 4. Prediction MiniONN + policy filtering + advanced metering - disconnected operation + performance + better privacy 27
51 MiniONN: Efficiently transform any given neural network into oblivious form with no/negligible accuracy loss Trusted Computing can help realize improved security and privacy for ML ML is very fragile in adversarial settings ACM CCS
52 Conclusions Cloud-assisted services raise new security/privacy concerns But naïve solutions may conflict with privacy, usability, deployability, Cloud-assisted malware scanning Carousel approach is promising Generalization to privacy-preserving ML predictions [TLPEPA17] Circle Game, ASIACCS 2017 [LJLA17] MiniONN, ACM CCS
Jian Liu, Sara Ramezanian
CloSer WP2: Privacyenhancing Technologies Jian Liu, Sara Ramezanian Overview Seek to understand how user privacy is impacted by cloud-assisted security services Develop a suite of privacy-enhancing technologies
More informationarxiv: v4 [cs.cr] 17 Feb 2017
The Circle Game: Scalable Private Membership Test Using Trusted Hardware arxiv:160601655v4 [cscr] 17 Feb 2017 Abstract Sandeep Tamrakar Aalto University sandeeptamrakar@aaltofi Jan-Erik Ekberg Darkmatter
More informationInformation Security Research and Education at Aalto. N. Asokan
Information Security Research and Education at Aalto N. Asokan http://asokan.org/asokan/ @nasokan About me Professor, Aalto University, from Aug 2013 Professor, University of Helsinki, 2012-2017 IEEE Fellow
More informationInformation Security Research and Education at Aalto. N. Asokan
Information Security Research and Education at Aalto N. Asokan http://asokan.org/asokan/ @nasokan About me Professor, Aalto University, from Aug 2013 Professor, University of Helsinki, 2012-2017 IEEE Fellow
More informationPrivate Set Intersection for Unequal Set Sizes with Mobile Applications
Private Set Intersection for Unequal Set Sizes with Mobile Applications Ágnes Kiss (TU Darmstadt) Jian Liu (Aalto University) Thomas Schneider (TU Darmstadt) N. Asokan (Aalto University) Benny Pinkas (Bar-Ilan
More informationSearchable Encryption Using ORAM. Benny Pinkas
Searchable Encryption Using ORAM Benny Pinkas 1 Desiderata for Searchable Encryption Security No leakage about the query or the results Functionality Variety of queries that are supported Performance 2
More informationBUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX
BUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX FLORIAN KERSCHBAUM, UNIVERSITY OF WATERLOO JOINT WORK WITH BENNY FUHRY (SAP), ANDREAS FISCHER (SAP) AND MANY OTHERS DO YOU TRUST YOUR CLOUD SERVICE
More informationLecture 3 MOBILE PLATFORM SECURITY
Lecture 3 MOBILE PLATFORM SECURITY You will be learning: What techniques are used in mobile software platform security? What techniques are used in mobile hardware platform security? Is there a common
More informationSlalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramèr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating
More informationFaster Private Set Intersection based on OT Extension
Faster Private Set Intersection based on OT Extension Michael Zohner (TU Darmstadt) Joint work with Benny Pinkas (Bar Ilan University) Thomas Schneider (TU Darmstadt) 22.08.14 Faster PSI based on OT extension
More informationKiss, Ágnes; Liu, Jian; Schneider, Thomas ; Asokan, N.; Pinkas, Benny Private Set Intersection for Unequal Set Sizes with Mobile Applications
Powered by TCPDF (www.tcpdf.org) This is an electronic reprint of the original article. This reprint may differ from the original in pagination and typographic detail. Kiss, Ágnes; Liu, Jian; Schneider,
More informationSlalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramèr (joint work with Dan Boneh) Stanford security lunch June 13 th Trusted execution of ML: 3 motivating
More informationPractical Secure Two-Party Computation and Applications
Practical Secure Two-Party Computation and Applications Lecture 2: Private Set Intersection Estonian Winter School in Computer Science 2016 Overview of this lecture Private Set Intersection Special Purpose
More informationA HIGH-PERFORMANCE OBLIVIOUS RAM CONTROLLER ON THE CONVEY HC-2EX HETEROGENEOUS COMPUTING PLATFORM
A HIGH-PERFORMANCE OBLIVIOUS RAM CONTROLLER ON THE CONVEY HC-2EX HETEROGENEOUS COMPUTING PLATFORM BASED ON PHANTOM: PRACTICAL OBLIVIOUS COMPUTATION IN A SECURE PROCESSOR FROM CCS-2013! Martin Maas, Eric
More informationOld, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures
Old, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures N. Asokan ACM CODASPY 11 Joint work with Kari Kostiainen, Elena Reshetova, Jan-Erik Ekberg Feb 22, 2011
More informationIntel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron
Real World Cryptography Conference 2016 6-8 January 2016, Stanford, CA, USA Intel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron Intel Corp., Intel Development Center,
More informationCSC 5930/9010 Cloud S & P: Cloud Primitives
CSC 5930/9010 Cloud S & P: Cloud Primitives Professor Henry Carter Spring 2017 Methodology Section This is the most important technical portion of a research paper Methodology sections differ widely depending
More informationLectures 6+7: Zero-Leakage Solutions
Lectures 6+7: Zero-Leakage Solutions Contents 1 Overview 1 2 Oblivious RAM 1 3 Oblivious RAM via FHE 2 4 Oblivious RAM via Symmetric Encryption 4 4.1 Setup........................................ 5 4.2
More informationMachine Learning on Encrypted Data
Machine Learning on Encrypted Data Kim Laine Microsoft Research, Redmond WA January 5, 2017 Joint Mathematics Meetings 2017, Atlanta GA AMS-MAA Special Session on Mathematics of Cryptography Two Tracks
More informationMobile Platform Security Architectures A perspective on their evolution
Mobile Platform Security Architectures A perspective on their evolution N. Asokan CARDIS 2012 Graz, Austria November 29, 2012 1 NA, KKo, JEE, Nokia Resarch Center 2011-2012 Introduction Recent interest
More informationAscend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM)
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7b Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM) Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen
More informationPrivacy-Preserving Computation with Trusted Computing via Scramble-then-Compute
Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore The Problem Context:
More informationHow I Learned to Stop Worrying and Love the Internet of Things
SESSION ID: SSC-W07 How I Learned to Stop Worrying and Love the Internet of Things Steven Sprague CEO Rivetz Corp @skswave The Big Shift Known Networks Ports Firewalls Packets SSL Known Devices Identity
More informationLeveraging Intel SGX to Create a Nondisclosure Cryptographic library
CS 2530 - Computer and Network Security Project presentation Leveraging Intel SGX to Create a Nondisclosure Cryptographic library Mohammad H Mofrad & Spencer L Gray University of Pittsburgh Thursday, December
More informationTrusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague
Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July 2017 -- IETF 99 th, Prague 2 What do we mean by security? Communication Security Aims
More informationCLASS AGENDA. 9:00 9:15 a.m. 9:15 10:00 a.m. 10:00 12:00 p.m. 12:00 1:00 p.m. 1:00 3:00 p.m. 3:00 5:00 p.m.
CLASS AGENDA INTEL SGX OVERVIEW... DEVELOPER TOOLKIT... DEVELOPING FOR INTEL SGX... BREAK FOR LUNCH... PROVISIONING SECRETS... DATA SEALING...... 9:00 9:15 a.m. 9:15 10:00 a.m. 10:00 12:00 p.m. 12:00 1:00
More informationSanctum: Minimal HW Extensions for Strong SW Isolation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7a Sanctum: Minimal HW Extensions for Strong SW Isolation Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical &
More informationA Machine Learning Approach to Privacy-Preserving Data Mining Using Homomorphic Encryption
A Machine Learning Approach to Privacy-Preserving Data Mining Using Homomorphic Encryption Seiichi Ozawa Center for Mathematical Data Science Graduate School of Engineering Kobe University 2 What is PPDM?
More informationOn-board Credentials. N. Asokan Kari Kostiainen. Joint work with Jan-Erik Ekberg, Pekka Laitinen, Aarne Rantala (VTT)
On-board Credentials N. Asokan Kari Kostiainen Joint work with Jan-Erik Ekberg, Pekka Laitinen, Aarne Rantala (VTT) SPACE 2012 Chennai, India October 31, 2012 Outline On-board Credentials (ObCs): What
More informationGraphene-SGX. A Practical Library OS for Unmodified Applications on SGX. Chia-Che Tsai Donald E. Porter Mona Vij
Graphene-SGX A Practical Library OS for Unmodified Applications on SGX Chia-Che Tsai Donald E. Porter Mona Vij Intel SGX: Trusted Execution on Untrusted Hosts Processing Sensitive Data (Ex: Medical Records)
More informationA Comparison Study of Intel SGX and AMD Memory Encryption Technology
A Comparison Study of Intel SGX and AMD Memory Encryption Technology Saeid Mofrad, Fengwei Zhang Shiyong Lu Wayne State University {saeid.mofrad, Fengwei, Shiyong}@wayne.edu Weidong Shi (Larry) University
More informationRISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas
RISCV with Sanctum Enclaves Victor Costan, Ilia Lebedev, Srini Devadas Today, privilege implies trust (1/3) If computing remotely, what is the TCB? Priviledge CPU HW Hypervisor trusted computing base OS
More informationEmbedded System Security Mobile Hardware Platform Security
1 Embedded System Security Mobile Hardware Platform Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Germany Summer Term 2017 Acknowledgement This slide set
More informationDemo Day 2015 N. Asokan, Tuomas Aura, Valtteri Niemi
Secure Systems Groups Demo Day 2015 N. Asokan, Tuomas Aura, Valtteri Niemi State of the Union 2 Who are we? Aalto University 2 professors 1 (+1) postdocs 5 full-time & several industrial PhD students Several
More informationEmbedded System Security Mobile Hardware Platform Security
1 Embedded System Security Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Germany Summer Term 2016 Acknowledgement This slide set is based on slides provided by
More informationUsable PIR. Network Security and Applied. Cryptography Laboratory.
Network Security and Applied Cryptography Laboratory http://crypto.cs.stonybrook.edu Usable PIR NDSS '08, San Diego, CA Peter Williams petertw@cs.stonybrook.edu Radu Sion sion@cs.stonybrook.edu ver. 2.1
More informationDemonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin
Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions Topic Prerequisites Security concepts Security-related concepts (e.g., entropy) Virtualization
More informationSafeBricks: Shielding Network Functions in the Cloud
SafeBricks: Shielding Network Functions in the Cloud Rishabh Poddar, Chang Lan, Raluca Ada Popa, Sylvia Ratnasamy UC Berkeley Network Functions (NFs) in the cloud Clients 2 Enterprise Destination Network
More informationTRUSTED COMPUTING TECHNOLOGIES
TRUSTED COMPUTING TECHNOLOGIES TEE = Trusted Execution Environment Mandatory reading Innovative Instructions and Software Model for Isolated Execution, Frank McKeen, Ilya Alexandrovich, Alex Berenzon,
More informationMemory Defenses. The Elevation from Obscurity to Headlines. Rajeev Balasubramonian School of Computing, University of Utah
Memory Defenses The Elevation from Obscurity to Headlines Rajeev Balasubramonian School of Computing, University of Utah Image sources: pinterest, gizmodo 2 Spectre Overview Victim Code x is controlled
More informationA Developer's Guide to Security on Cortex-M based MCUs
A Developer's Guide to Security on Cortex-M based MCUs 2018 Arm Limited Nazir S Arm Tech Symposia India Agenda Why do we need security? Types of attacks and security assessments Introduction to TrustZone
More informationSecure Remote Storage Using Oblivious RAM
Secure Remote Storage Using Oblivious RAM Giovanni Malloy Mentors: Georgios Kellaris, Kobbi Nissim August 11, 2016 Abstract Oblivious RAM (ORAM) is a protocol that allows a user to access the data she
More informationObliviate: A Data Oblivious File System for Intel SGX. Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee
Obliviate: A Data Oblivious File System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1 Clouds? The Ultimate Dream? User Clouds 2 Clouds? The Ultimate Dream? User Clouds
More informationPrivate Set Intersection for Unequal Set Sizes with Mobile Applications
Private Set Intersection for Unequal Set Sizes with Mobile Applications (Full Version) Ágnes Kiss 1, Jian Liu 2, Thomas Schneider 1, N. Asokan 2, Benny Pinkas 3 1 TU Darmstadt, Germany {agnes.kiss, thomas.schneider}@crisp-da.de
More informationM 2 R: Enabling Stronger Privacy in MapReduce Computa;on
M 2 R: Enabling Stronger Privacy in MapReduce Computa;on Anh Dinh, Prateek Saxena, Ee- Chien Chang, Beng Chin Ooi, Chunwang Zhang School of Compu,ng Na,onal University of Singapore 1. Mo;va;on Distributed
More informationTown Crier. Authenticated Data Feeds For Smart Contracts. CS5437 Lecture by Kyle Croman and Fan Zhang Mar 18, 2016
Town Crier Authenticated Data Feeds For Smart Contracts CS5437 Lecture by Kyle Croman and Fan Zhang Mar 18, 2016 Smart Contract Decentralized App: Programs are executed by all miners who reach consensus
More informationKomodo: Using Verification to Disentangle Secure-Enclave Hardware from Software
Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris Hawblitzel, Bryan Parno* Microsoft Research, Cornell University, Carnegie Mellon
More informationBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal Devices OpenIT - 07.03.2014 by Javier González Javier González - jgon@itu.dk Philippe Bonnet - phbo@itu.dk Digital Society Distrust Users Personal Information! Information
More informationCache Side Channel Attacks on Intel SGX
Cache Side Channel Attacks on Intel SGX Princeton University Technical Report CE-L2017-001 January 2017 Zecheng He Ruby B. Lee {zechengh, rblee}@princeton.edu Department of Electrical Engineering Princeton
More informationThe Ascend Secure Processor. Christopher Fletcher MIT
The Ascend Secure Processor Christopher Fletcher MIT 1 Joint work with Srini Devadas, Marten van Dijk Ling Ren, Albert Kwon, Xiangyao Yu Elaine Shi & Emil Stefanov David Wentzlaff & Princeton Team (Mike,
More informationMassively Parallel Hardware Security Platform
Massively Parallel Hardware Security Platform Dan Cvrček, Enigma Bridge, UK dan@enigmabridge.com Petr Švenda, CRoCS, Masaryk University, CZ svenda@fi.muni.cz Overview 1. Cryptography as a Service 2. Usage
More informationFirmware Updates for Internet of Things Devices
Firmware Updates for Internet of Things Devices Brendan Moran, Milosch Meriac, Hannes Tschofenig Drafts: draft-moran-suit-architecture draft-moran-suit-manifest 1 WHY DO WE CARE? 2 IoT needs a firmware
More informationEncrypted Deep Learning: A Guide to Privacy Preserving Speech Processing
Encrypted Deep Learning: A Guide to Privacy Preserving Speech Processing Nigel Cannings CTO nigel.cannings@intelligentvoice.com www.intelligentvoice.com @intelligentvox #GTC17 For $100 What is this encrypted
More informationResearch Statement. Yehuda Lindell. Dept. of Computer Science Bar-Ilan University, Israel.
Research Statement Yehuda Lindell Dept. of Computer Science Bar-Ilan University, Israel. lindell@cs.biu.ac.il www.cs.biu.ac.il/ lindell July 11, 2005 The main focus of my research is the theoretical foundations
More informationTerra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have
More informationAvanan for G Suite. Technical Overview. Copyright 2017 Avanan. All rights reserved.
Avanan for G Suite Technical Overview Contents Intro 1 How Avanan Works 2 Email Security for Gmail 3 Data Security for Google Drive 4 Policy Automation 5 Workflows and Notifications 6 Authentication 7
More informationHardening Fingerprint Authentication Systems Using Intel s SGX Enclave Technology. Interim Progress Report
Hardening Fingerprint Authentication Systems Using Intel s SGX Enclave Technology Interim Progress Report DELL-EMC Envision the Future Competition 2018 Table of Contents List of Figures... 3 List of tables...
More informationDepartment of Computer Science
Department of Computer Science A pplications of Trusted E xecution Environments (TEEs) Sandeep Tamrakar D O C T O R A L D I S S E R T A T I O N S series publication University Aalto DISSERTATIONS OCTORAL
More informationUsing Fully Homomorphic Encryption for Statistical Analysis of Categorical, Ordinal and Numerical Data
Using Fully Homomorphic Encryption for Statistical Analysis of Categorical, Ordinal and Numerical Data Wen-jie Lu 1, Shohei Kawasaki 1, Jun Sakuma 1,2,3 1. University of Tsukuba, Japan 2. JST CREST 3.
More informationCIS 4360 Secure Computer Systems SGX
CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure
More informationOn the Revocation of U-Prove Tokens
On the Revocation of U-Prove Tokens Christian Paquin, Microsoft Research September nd 04 U-Prove tokens provide many security and privacy benefits over conventional credential technologies such as X.509
More informationSGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors
UT DALLAS Erik%Jonsson%School%of%Engineering%&%Computer%Science SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors Fahad Shaon Murat Kantarcioglu Zhiqiang Lin Latifur Khan
More informationINFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental
More informationCOMPOSABLE AND ROBUST OUTSOURCED STORAGE
SESSION ID: CRYP-R14 COMPOSABLE AND ROBUST OUTSOURCED STORAGE Christian Badertscher and Ueli Maurer ETH Zurich, Switzerland Motivation Server/Database Clients Write Read block 2 Outsourced Storage: Security
More informationEC-Bench: Benchmarking Onload and Offload Erasure Coders on Modern Hardware Architectures
EC-Bench: Benchmarking Onload and Offload Erasure Coders on Modern Hardware Architectures Haiyang Shi, Xiaoyi Lu, and Dhabaleswar K. (DK) Panda {shi.876, lu.932, panda.2}@osu.edu The Ohio State University
More informationEfficient Private Information Retrieval
Efficient Private Information Retrieval K O N S T A N T I N O S F. N I K O L O P O U L O S T H E G R A D U A T E C E N T E R, C I T Y U N I V E R S I T Y O F N E W Y O R K K N I K O L O P O U L O S @ G
More informationKey Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge
Key Threats Internet was just growing Mail was on the verge Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering Key Threats Code Red and Nimda (2001), Blaster (2003), Slammer
More informationMLCapsule: Guarded Offline Deployment of Machine Learning as a Service
MLCapsule: Guarded Offline Deployment of Machine Learning as a Service Lucjan Hanzlik, Yang Zhang, Kathrin Grosse, Ahmed Salem, Max Augustin, Michael Backes, Mario Fritz CISPA, Saarland Informatics Campus
More information(Ever More) Efficient Protocols for Secure Jonathan Katz Associate Professor Dept. of Computer Science
(Ever More) Efficient Protocols for Secure Computa@on Jonathan Katz Associate Professor Dept. of Computer Science x 7 x 6 x 1 (y 1,y 2,,y n ) = f(x 1,x 2,,x n ) x 5 x 2 x 4 x 3 x 7 xy 7 x 6 x 1 xy 1 xy
More informationA Proposed Standard for Entity Attestation draft-mandyam-eat-00. Laurence Lundblade. November 2018
A Proposed Standard for Entity Attestation draft-mandyam-eat-00 Laurence Lundblade November 2018 1 EAT Overall System Entity (e.g., Chip, Device ) Immutable private key for signing. Stored securely on
More informationUS Census Bureau Workshop on Multi-party Computing. David W. Archer, PhD 16-Nov-2017
US Census Bureau Workshop on Multi-party Computing David W. Archer, PhD 16-Nov-2017 Census First-round Adoption Concerns Technology maturity Computational overhead Complexity of getting this stuff to work
More informationAnd Then There Were More:
David Naylor Carnegie Mellon And Then There Were More: Secure Communication for More Than Two Parties Richard Li University of Utah Christos Gkantsidis Microsoft Research Thomas Karagiannis Microsoft Research
More informationBinding keys to programs using Intel SGX remote attestation
Binding keys to programs using Intel SGX remote attestation Mark D. Ryan London Crypto Day 22 September 2017 1 Intel SGX Intel SGX is a set of processor instructions which allow one: To set up an enclave
More informationOn-board Credentials. N. Asokan Nokia Research Center, Helsinki. Joint work with Jan-Erik Ekberg, Kari Kostiainen, Pekka Laitinen, Aarne Rantala (VTT)
On-board Credentials N. Asokan Nokia Research Center, Helsinki Joint work with Jan-Erik Ekberg, Kari Kostiainen, Pekka Laitinen, Aarne Rantala (VTT) Padova, July 2012 Outline On-board Credentials (ObCs):
More informationCPS 510 final exam, 4/27/2015
CPS 510 final exam, 4/27/2015 Your name please: This exam has 25 questions worth 12 points each. For each question, please give the best answer you can in a few sentences or bullets using the lingo of
More informationSearchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced Allocations
Searchable Symmetric Encryption: Optimal Locality in Linear Space via Two-Dimensional Balanced Allocations Gilad Asharov Cornell-Tech Moni Naor Gil Segev Ido Shahaf (Hebrew University) Weizmann Hebrew
More informationLECTURE 4: LARGE AND FAST: EXPLOITING MEMORY HIERARCHY
LECTURE 4: LARGE AND FAST: EXPLOITING MEMORY HIERARCHY Abridged version of Patterson & Hennessy (2013):Ch.5 Principle of Locality Programs access a small proportion of their address space at any time Temporal
More informationSoftFlash: Programmable Storage in Future Data Centers Jae Do Researcher, Microsoft Research
SoftFlash: Programmable Storage in Future Data Centers Jae Do Researcher, Microsoft Research 1 The world s most valuable resource Data is everywhere! May. 2017 Values from Data! Need infrastructures for
More information9 GENERATION INTEL CORE DESKTOP PROCESSORS
PRODUCT BRIEF 9 GENERATION INTEL CORE DESKTOP PROCESSORS TH The Most Powerful Generation of Intel Core Processors Introducing the NEW 9th Gen Intel Core desktop processors - the most powerful generation
More informationHow to (not) Share a Password:
How to (not) Share a Password: Privacy preserving protocols for finding heavy hitters with adversarial behavior Moni Naor Benny Pinkas Eyal Ronen Passwords First modern use in MIT's CTSS (1961) Passwords
More informationMaking Searchable Encryption Scale to the Cloud. Ian Miers and Payman Mohassel
Making Searchable Encryption Scale to the Cloud Ian Miers and Payman Mohassel End to end Encryption No encryption Transport encryption End2End Encryption Service provider Service provider Service provider
More informationRecommendations for TEEP Support of Intel SGX Technology
Recommendations for TEEP Support of Intel SGX Technology Overview of SGX & Selected TEEP Topics David M. Wheeler david.m.wheeler@intel.com 1 Apologies If you are really interested in the details of SGX
More informationFORWARD PRIVATE SEARCHABLE ENCRYPTION
FORWARD PRIVATE SEARCHABLE ENCRYPTION DATE 13/07/2016 MSR CAMBRIDGE - RAPHAEL BOST Searchable Encryption Outsource data securely keep search functionalities Generic Solutions We can use generic tools
More informationSecurely Outsourcing Garbled Circuit Evaluation
Securely Outsourcing Garbled Circuit Evaluation USENIX Security Symposium 2013 Henry Hank Carter Patrick Traynor Benjamin Mood Kevin Butler SMC on mobile devices Mobile devices loaded with private and
More informationNear-Data Processing for Differentiable Machine Learning Models
Near-Data Processing for Differentiable Machine Learning Models Hyeokjun Choe 1, Seil Lee 1, Hyunha Nam 1, Seongsik Park 1, Seijoon Kim 1, Eui-Young Chung 2 and Sungroh Yoon 1,3 1 Electrical and Computer
More informationIntel Security Dev API 1.0 Production Release
1.0 Production Release Release Notes 24 August 2017 Version History/Revision History Date Revision Description August 2017 1.0 Limited Production Release March 2017 0.61 Limited External Distribution Intended
More informationAuthenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas
Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas Massachusetts Institute of Technology November 8th, CCSW 2013 Cloud Storage Model
More informationMicro-Architectural Attacks and Countermeasures
Micro-Architectural Attacks and Countermeasures Çetin Kaya Koç koc@cs.ucsb.edu Çetin Kaya Koç http://koclab.org Winter 2017 1 / 25 Contents Micro-Architectural Attacks Cache Attacks Branch Prediction Attack
More informationIntel Software Guard Extensions
Intel Software Guard Extensions Dr. Matthias Hahn, Intel Deutschland GmbH July 12 th 2017 cryptovision Mindshare, Gelsenkirchen Intel SGX Making Headlines Premium Content requiring Intel SGX on PC Intel
More informationSide Channels and Runtime Encryption Solutions with Intel SGX
Leader in Runtime Encryption Whitepaper Side Channels and Runtime Encryption Solutions with Intel SGX by Andy Leiserson, Chief Architect at Fortanix Executive Summary Introduction to Side Channel Attacks
More informationRacing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. CS 563 Young Li 10/31/18
Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races CS 563 Young Li 10/31/18 Intel Software Guard extensions (SGX) and Hyper-Threading What is Intel SGX? Set of
More informationfrom circuits to RAM programs in malicious-2pc
from circuits to RAM programs in malicious-2pc Abstract: Secure 2-party computation (2PC) is becoming practical in some domains However, most approaches are limited by the fact that the desired functionality
More informationCrypto Background & Concepts SGX Software Attestation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 4b Slide deck extracted from Kamran s tutorial on SGX, presented during ECE 6095 Spring 2017 on Secure Computation and Storage, a precursor to this course
More informationFujitsu World Tour 2018
Fujitsu World Tour 2018 May 30, 2018 #FujitsuWorldTour 1 Copyright 2018 FUJITSU Security and Privacy of Big Data A NIST Perspective Arnab Roy Fujitsu Laboratories of America Co-Chair, NIST Big Data WG:
More informationSMART DEVICES: DO THEY RESPECT YOUR PRIVACY?
SMART DEVICES: DO THEY RESPECT YOUR PRIVACY? Systems and Mobile Research Lab, Department of Computer Science and Engineering INDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR Presenter: Sandip Chakraborty sandipc@cse.iitkgp.ac.in
More informationROTE: Rollback Protection for Trusted Execution
ROTE: Rollback Protection for Trusted Execution Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, Srdjan Capkun Siniša Matetić ETH Zurich Institute of
More informationInfluential OS Research Security. Michael Raitza
Influential OS Research Security Michael Raitza raitza@os.inf.tu-dresden.de 1 Security recap Various layers of security Application System Communication Aspects of security Access control / authorization
More informationThomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017
Thomas Lippert Principal Product Manager Sophos Mobile Spring 2017 Market Overview Trends Security or data breaches involving mobile devices are on the rise More people use mobile devices for work than
More informationSecure Set Intersection with Untrusted Hardware Tokens
Secure Set Intersection with Untrusted Hardware Tokens Thomas Schneider Engineering Cryptographic Protocols Group, TU Darmstadt http://encrypto.de joint work with Marc Fischlin (TU Darmstadt) Benny Pinkas
More informationT-SGX: Eradicating Controlled-Channel
T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs Ming-Wei Shih Sangho Lee Taesoo Kim Marcus Peinado Georgia Institute of Technology Microsoft Research 2 3 Intel SGX aims to secure
More information