ABSTRACT
We present OASIS, a CPU instruction set extension for externally verifiable initiation, execution, and termination of an isolated execution environment with a trusted computing base consisting solely of the CPU. OASIS leverages the hardware components available on commodity CPUs to achieve a low-cost, low-overhead design.