Securing Interruptible Enclaves (PriSC 2020 - Principles of Secure Compilation 2020)

Sun 19 - Sat 25 January 2020 New Orleans, Louisiana, United States

Who

Matteo Busi, Job Noorman, Jo Van Bulck, Letterio Galletta, Pierpaolo Degano, Jan Tobias Mühlberg, Frank Piessens

Track

PriSC 2020 Principles of Secure Compilation

The program is currently displayed in (GMT-06:00) Saskatchewan, Central America.

Use conference time zone: (GMT-06:00) Saskatchewan, Central AmericaSelect other time zone

Apply

When

Sat 25 Jan 2020 16:23 - 16:47 at Rosalie - Compartmentalization, memory safety, and isolation Chair(s): Marco Patrignani, Jonathan Protzenko

Abstract

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past few years, several successful software-based side-channel attacks have been developed that break, or at least significantly weaken, the isolation that these mechanisms offer. Extending a processor with new (micro)architectural features brings a risk of enabling new such side-channel attacks.

Here, we summarize our work in extending a processor with new features \emph{without} weakening the security of the isolation mechanisms that it offers.

For that, we first argue that a sensible formal criterion for proving the security of a processor extension is \emph{full abstraction}. Then, we sketch the proof that our carefully designed extension of a microprocessor supports interruptibility of enclaved executions in a secure manner.

File attachments

(talk.pdf)	252KiB

Matteo Busi

Università di Pisa - Dipartimento di Informatica

Job Noorman

imec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium

Jo Van Bulck

imec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium

Letterio Galletta

IMT School for Advanced Studies

Pierpaolo Degano

Università di Pisa - Dipartimento di Informatica

Jan Tobias Mühlberg

imec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium

Frank Piessens

KU Leuven

Presentation

The program is currently displayed in (GMT-06:00) Saskatchewan, Central America.

Use conference time zone: (GMT-06:00) Saskatchewan, Central AmericaSelect other time zone

Apply

Session Program

Sat 25 Jan
Times are displayed in time zone: (GMT-06:00) Saskatchewan, Central America change

15:35 - 17:45: Principles of Secure Compilation 2020 - Compartmentalization, memory safety, and isolation at Rosalie
Chair(s): Marco PatrignaniStanford University & CISPA , Jonathan ProtzenkoMicrosoft Research, Redmond

15:35 - 15:59
Talk

Flexible Tag-based Policies for Compartmentalized C

Sean AndersonPortland State University, Andrew TolmachPortland State University, Chris ChhakPortland State University

Media Attached File Attached

15:59 - 16:23
Talk

Mechanized Reasoning about a Capability Machine

Aina Linn GeorgesAarhus University, Alix TrieuAarhus University, Lars BirkedalAarhus University

Media Attached

16:23 - 16:47
Talk

Securing Interruptible Enclaves

Matteo BusiUniversità di Pisa - Dipartimento di Informatica, Job Noormanimec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium, Jo Van Bulckimec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium, Letterio GallettaIMT School for Advanced Studies, Pierpaolo DeganoUniversità di Pisa - Dipartimento di Informatica, Jan Tobias Mühlbergimec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium, Frank PiessensKU Leuven

Media Attached File Attached

16:47 - 16:57
Break

Mini-break

16:57 - 17:21
Talk

WebAssembly as an Intermediate Language for Provably-Safe Software Sandboxing

Jay BosamiyaCarnegie Mellon University, Benjamin LimCarnegie Mellon University, Bryan ParnoCarnegie Mellon University

Media Attached File Attached

17:21 - 17:45
Talk

Memory Safety Preservation for WebAssembly

Marco VassenaCISPA Helmholtz Center for Information Security, Marco PatrignaniStanford University & CISPA

Link to publication Media Attached File Attached