The Ultimate Survey: Transient Execution Attacks
Resumo
Após a divulgação do primeiro ataque de execução transitória, esta categoria de ataques tem crescido a cada ano, visto que por meio desses ataques é possível vazar dados críticos de usuários. Ataques transitórios consistem em duas fases: (1) a execução de um canal transitório para o vazamento dos dados, e (2) a execução de um canal lateral em cache para a captura das informações. Por meio desse tipo de ataque, é possível vazar dados críticos de usuários. Tais ataques são viáveis pelo fato de aspectos de segurança serem deixados de lado durante a implementação de recursos de hardware. Devido aos potenciais danos causados, tanto a indústria quanto a academia desenvolveram técnicas para mitigar as falhas relacionadas. Apesar desses esforços, ainda é possível explorar brechas que permitem o surgimento de diferentes variantes de ataques. Este trabalho apresenta os principais conceitos relacionados a ataques de execução transitória, descrevendo suas fases de execução, os principais trabalhos da área e diferentes técnicas de mitigação.
Palavras-chave:
Ataque de canal lateral, execução transitória, ataque de execução transitória
Referências
J. L. Hennessy and D. A. Patterson, Computer architecture: a quantitative approach. New York, USA: Elsevier, 2011.
LIPP, M. SCHWARZ, M. GRUSS, D. PRESCHER, T. HASS, W. FOGH, A. HORN, J. MANGARD, S. KOCHER, P. GENKIN, D. YAROM, Y. HAMBURG, "Meltdown: Reading kernel memory from user space," In: Proceedings of the Usenix Security Symposium, pp. 973-990, 06 2018.
KOCHER, P GENKIN, D GRUSS, D HASS, W HAMBURG, M LIPP, MANGARD, S PRESCHER, T SCHWARZ, M YAROM Y, "Spectre attacks: Exploiting speculative execution." In Proceedings on Security and Privacy Symposium, pp. 1-19, 06 2019.
CANELLA, C., VAN BULCK, J., SCHWARZ, M., LIPP, M., VON BERG, B., ORTNER, P., PIESSENS, F., EVTYUSHKIN, D., and GRUSS, D., "A systematic evaluation of transient execution attacks and defenses." in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: USENIX, 2020, pp. 943-959.
CANELLA, CLAUDIO AND GENKIN, DANIEL AND GINER, LUKAS AND GRUSS, DANIEL AND LIPP, MORITZ AND MINKIN, MARINA AND MOGHIMI, DANIEL AND PIESSENS, FRANK AND SCHWARZ, MICHAEL AND SUNAR, BERK AND VAN BULCK, JO AND YAROM, YUVAL, "Fallout: Leaking data on meltdown-resistant cpus," in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: Association for Computing Machinery, 2019, p. 769-784.
VAN BULCK, JO AND MINKIN, MARINA AND WEISSE, OFIR AND GENKIN, DANIEL AND KASIKCI, BARIS AND PIESSENS, FRANK AND SILBERSTEIN, MARK AND WENISCH, THOMAS F AND YAROM, YUVAL AND STRACKX, RAOUL, "Foreshadow: Extracting the keys to the intel sgx kingdom with transient out-of-order execution," in Security Symposium Security. New York, NY, USA: Association for Computing Machinery, 2018, pp. 991-1008.
CHEN, GUOXING AND CHEN, SANCHUAN AND XIAO, YUAN AND ZHANG, YINQIAN AND LIN, ZHIQIANG AND LAI, TEN H, "Sgxpectre: Stealing intel secrets from sgx enclaves via speculative execution," in European Symposium on Security and Privacy, IEEE. New York: IEEE, 2019, pp. 142-157.
KORUYEH, ESMAEIL MOHAMMADIAN AND KHASAWNEH, KHALED N AND SONG, CHENGYU AND ABU-GHAZALEH, NAEL, "Spectre returns! speculation attacks using the return stack buffer," in Workshop on Offensive Technologies. New York: IEEE, 2018. 9
CANELLA, C., SCHWARZ, M. HAUBENWALLNER, M. SCWARZL, M. GRUSS, D., "Kaslr: Break it, fix it, repeat," Proceedings of the Asia Conference on Computer and Communications Security, 2020.
LAPID and WOOL, "Cache-attacks on the arm trustzone implementations of aes-256 and aes-256-gcm via gpu-based analysis," International Association for Cryptologic Research, vol. 2018, p. 621, 2018.
COSTAN and DEVADAS, "Intel sgx explained," International Association for Cryptologic Research, p. 86, 2016.
SCHWARZ, M e MICHAEL, LIPP, M e MORITZ e MOGHIMI, DANIEL, BULCK, V e JO, STECKLINA, J, PRESCHER, T e GRUSS,D, "Zombieload: Cross-privilege-boundary data sampling." In Proceedings Conference on Computer and Communications Security, pp. 1-19, 06 2019.
ZHANG, Y., "Cache side channels: State of the art and research opportunities," in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: Association for Computing Machinery, 2017, p. 2617-2619.
W. HU, "Lattice scheduling and covert channels," in Proceedings of the Symposium on Security and Privacy. USA: IEEE Computer Society, 1992, p. 52.
BAZM, M. SAUTEREAU, T. LACOSTE, SUDHOLT, MENAUD, "Cache-Based Side-Channel Attacks Detection through Intel Cache Monitoring Technology and Hardware Performance Counters," in In: Proceedings of the International Conference on Fog and Mobile Edge Computing. Barcelona, Spain: IEEE, 2018, pp. 1-6.
ACIICCMEZ, BRUMLEY, GRABHER, "New results on instruction cache attacks," in Proceedings of the International Conference on Cryptographic Hardware and Embedded Systems. Berlin, Heidelberg: Springer-Verlag, 2010, p. 110-124.
LIPP, M. GRUSS, D. SPREITZER, D. MAURICE, S. MANGARD, "Armageddon: Cache attacks on mobile devices," in Proceedings of the USENIX Conference on Security Symposium. USA: Proceedings of the USENIX Conference on Security Symposium, 2016, p. 549-564.
PERCIVAL, C, "Cache missing for fun and profit," In: PROCEEDINGS OF THE BSD Linux conference, Washington. Anais... Washington: ACM, 2005, 2005.
OSVIK, D. SHAMIR, A. TROMER, E., "Cache attacks and countermeasures: The case of aes." in In: Proceedings of the Pointcheval Topics in Cryptology. San Jose, CA: Spring, 01 2006, pp. 1-20.
MUSHTAQ, M. AKRAM, A. BHATTI, M. K. RAIS, R. LAPOTRE, V. GOGNIAT, "Run-time detection of prime + probe side-channel attack on aes encryption algorithm," In: Proceedings of the Global Information Infrastructure and Networking Symposium, pp. 1-5, 2018.
OREN,Y. KEMERLIS, V. SETHUMADHAVAN, S. KEROMYTIS, ANGELOS D., "The spy in the sandbox: Practical cache attacks in java and their implications," in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: Association for Computing Machinery, 2015, p. 1406-1418.
GULMEZOGLU, INCI, IRAZOKI, EISENBARTH, SUNAR, "Cross-vm cache attacks on aes," Transactions on Multi-Scale Computing Systems, vol. 2, pp. 1-1, 04 2016.
Y. YAROM and K. FALKNER, "Flush+reload: A high resolution, low noise, l3 cache side-channel attack," Cryptology ePrint Archive, vol. 2013, p. 448, 2013.
LIU, F. YAROM, Y. GE, Q. HEISER, G. LEE, R., "Last-level cache side-channel attacks are practical," in Proceedings of the Symposium on Security and Privacy. USA: IEEE Computer Society, 2015, p. 605-622.
YAROM and BENGER, "Recovering openssl ecdsa nonces using the flush+reload cache side-channel attack," International Association for Cryptologic Research, vol. 2014, p. 140, 2014.
ZHOU, P. WANG, T. LI, G. ZHANG, ZHAO, "Analysis on the parameter selection method for flush+reload based cache timing attack on rsa," China Communications, vol. 12, no. 6, pp. 33-45, 2015.
PANDA, "Fooling the sense of cross-core last-level cache eviction based attacker by prefetching common sense," Proceedings of the International Conference on Parallel Architectures and Compilation Techniques, pp. 138-150, 2019.
GRUSS, D. SPREITZER, R.MANGARD, S., "Cache template attacks: Automating attacks on inclusive last-level caches," p. 897-912, 2015.
GOLDER, A. DAS, D. DANIAL, D. GHOSH, S. SEN, S. RAYCHOWDHURY, "Practical approaches toward deep-learning-based cross-device power side-channel attack," In: Proceedings of the Transactions on Very Large Scale Integration Systems, vol. 27, no. 12, pp. 2720-2733, 2019.
DISSELKOEN, C. KOHLBRENNER, D. PORTER, L. TULLSEN, D., "Prime+abort: A timer-free high-precision l3 cache attack using intel tsx," in Proceedings of the USENIX Conference on Security Symposium. USA: USENIX Association, 2017, p. 51-67.
GRUSS, LETTNER, SCHUSTER, OHRIMENKO, HALLER, COSTA, "Strong and efficient cache side-channel protection using hardware transactional memory," in Proceedings of the USENIX Conference on Security Symposium. USA: USENIX Association, 2017, p. 217-233.
BOGDANOV, EISENBARTH, PAAR, WIENECKE, "Differential cachecollision timing attacks on aes with applications to embedded cpus," in Proceedings of the International Conference on Topics in Cryptology. Berlin, Heidelberg: Springer-Verlag, 2010, p. 235-251.
FOG, A, "The microarchitecture of intel, amd and via cpus: An optimization guide for assembly programmers and compiler maker," Copenhagen University College of Engineering, pp. 190-193, 2012.
ESFAHANI, SOLEIMANY, AREF, "Practical implementation of a new flush+ reload side channel attack on aes," 2020.
SMITH, J. PLESZKUN, REW, "Implementing precise interrupts in pipelined processors," In: PROCEEDINGS OF THE IEEE SYMPOSIUM ON SECURITY AND PRIVACY, vol. 37, no. 5, pp. 562-573, 1988.
SILBERT, O. PORRAS, LINDELL, R., "The intel 80/spl times/86 processor architecture: pitfalls for secure systems," In: PROCEEDINGS OF THE IEEE SYMPOSIUM ON SECURITY AND PRIVACY, no. 11, pp. 11-22, 1995.
VAN BULCK, JO AND MINKIN, MARINA AND WEISSE, OFIR AND GENKIN, DANIEL AND KASIKCI, BARIS AND PIESSENS, FRANK AND SILBERSTEIN, MARK AND WENISCH, THOMAS F AND YAROM, YUVAL AND STRACKX, RAOUL, "LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection," in Symposium on Security and Privacy. New York, NY, USA: Association for Computing Machinery, 2020.
KOCHER, K. PAUL, C., "Timing attacks on implementations of diffiehellman, rsa, dss, and other systems," in Proceedings of the Annual International Cryptology Conference on Advances in Cryptology. Berlin, Heidelberg: Springer-Verlag, 1996, p. 104-113.
KIRIANSKY, VLADIMIR AND WALDSPURGER, CARL, "Speculative buffer overflows: Attacks and defenses," European Symposium on Security and Privacy, 2018.
EVTYUSHKIN, DMITRY AND RILEY, RYAN AND ABUGHAZALEH, NAEL CSE AND ECE AND PONOMAREV, DMITRY, "Branchscope: A new side-channel attack on directional branch predictor," ACM SIGPLAN Notices, vol. 53, no. 2, pp. 693-707, 2018.
GRUSS, D. HANSEN, D. GREGG, B, "Kernel isolation: From an academic idea to an efficient patch for every computer," Proceedings of the Conference on Security Symposium, vol. 43, 2018.
A. BILAL, "Real time detection of spectre and meltdown attacks using machine learning." Proceedings of the Conference on Security Symposium, 2020.
LIPP, M. SCHWARZ, M. GRUSS, D. PRESCHER, T. HASS, W. FOGH, A. HORN, J. MANGARD, S. KOCHER, P. GENKIN, D. YAROM, Y. HAMBURG, "Meltdown: Reading kernel memory from user space," In: Proceedings of the Usenix Security Symposium, pp. 973-990, 06 2018.
KOCHER, P GENKIN, D GRUSS, D HASS, W HAMBURG, M LIPP, MANGARD, S PRESCHER, T SCHWARZ, M YAROM Y, "Spectre attacks: Exploiting speculative execution." In Proceedings on Security and Privacy Symposium, pp. 1-19, 06 2019.
CANELLA, C., VAN BULCK, J., SCHWARZ, M., LIPP, M., VON BERG, B., ORTNER, P., PIESSENS, F., EVTYUSHKIN, D., and GRUSS, D., "A systematic evaluation of transient execution attacks and defenses." in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: USENIX, 2020, pp. 943-959.
CANELLA, CLAUDIO AND GENKIN, DANIEL AND GINER, LUKAS AND GRUSS, DANIEL AND LIPP, MORITZ AND MINKIN, MARINA AND MOGHIMI, DANIEL AND PIESSENS, FRANK AND SCHWARZ, MICHAEL AND SUNAR, BERK AND VAN BULCK, JO AND YAROM, YUVAL, "Fallout: Leaking data on meltdown-resistant cpus," in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: Association for Computing Machinery, 2019, p. 769-784.
VAN BULCK, JO AND MINKIN, MARINA AND WEISSE, OFIR AND GENKIN, DANIEL AND KASIKCI, BARIS AND PIESSENS, FRANK AND SILBERSTEIN, MARK AND WENISCH, THOMAS F AND YAROM, YUVAL AND STRACKX, RAOUL, "Foreshadow: Extracting the keys to the intel sgx kingdom with transient out-of-order execution," in Security Symposium Security. New York, NY, USA: Association for Computing Machinery, 2018, pp. 991-1008.
CHEN, GUOXING AND CHEN, SANCHUAN AND XIAO, YUAN AND ZHANG, YINQIAN AND LIN, ZHIQIANG AND LAI, TEN H, "Sgxpectre: Stealing intel secrets from sgx enclaves via speculative execution," in European Symposium on Security and Privacy, IEEE. New York: IEEE, 2019, pp. 142-157.
KORUYEH, ESMAEIL MOHAMMADIAN AND KHASAWNEH, KHALED N AND SONG, CHENGYU AND ABU-GHAZALEH, NAEL, "Spectre returns! speculation attacks using the return stack buffer," in Workshop on Offensive Technologies. New York: IEEE, 2018. 9
CANELLA, C., SCHWARZ, M. HAUBENWALLNER, M. SCWARZL, M. GRUSS, D., "Kaslr: Break it, fix it, repeat," Proceedings of the Asia Conference on Computer and Communications Security, 2020.
LAPID and WOOL, "Cache-attacks on the arm trustzone implementations of aes-256 and aes-256-gcm via gpu-based analysis," International Association for Cryptologic Research, vol. 2018, p. 621, 2018.
COSTAN and DEVADAS, "Intel sgx explained," International Association for Cryptologic Research, p. 86, 2016.
SCHWARZ, M e MICHAEL, LIPP, M e MORITZ e MOGHIMI, DANIEL, BULCK, V e JO, STECKLINA, J, PRESCHER, T e GRUSS,D, "Zombieload: Cross-privilege-boundary data sampling." In Proceedings Conference on Computer and Communications Security, pp. 1-19, 06 2019.
ZHANG, Y., "Cache side channels: State of the art and research opportunities," in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: Association for Computing Machinery, 2017, p. 2617-2619.
W. HU, "Lattice scheduling and covert channels," in Proceedings of the Symposium on Security and Privacy. USA: IEEE Computer Society, 1992, p. 52.
BAZM, M. SAUTEREAU, T. LACOSTE, SUDHOLT, MENAUD, "Cache-Based Side-Channel Attacks Detection through Intel Cache Monitoring Technology and Hardware Performance Counters," in In: Proceedings of the International Conference on Fog and Mobile Edge Computing. Barcelona, Spain: IEEE, 2018, pp. 1-6.
ACIICCMEZ, BRUMLEY, GRABHER, "New results on instruction cache attacks," in Proceedings of the International Conference on Cryptographic Hardware and Embedded Systems. Berlin, Heidelberg: Springer-Verlag, 2010, p. 110-124.
LIPP, M. GRUSS, D. SPREITZER, D. MAURICE, S. MANGARD, "Armageddon: Cache attacks on mobile devices," in Proceedings of the USENIX Conference on Security Symposium. USA: Proceedings of the USENIX Conference on Security Symposium, 2016, p. 549-564.
PERCIVAL, C, "Cache missing for fun and profit," In: PROCEEDINGS OF THE BSD Linux conference, Washington. Anais... Washington: ACM, 2005, 2005.
OSVIK, D. SHAMIR, A. TROMER, E., "Cache attacks and countermeasures: The case of aes." in In: Proceedings of the Pointcheval Topics in Cryptology. San Jose, CA: Spring, 01 2006, pp. 1-20.
MUSHTAQ, M. AKRAM, A. BHATTI, M. K. RAIS, R. LAPOTRE, V. GOGNIAT, "Run-time detection of prime + probe side-channel attack on aes encryption algorithm," In: Proceedings of the Global Information Infrastructure and Networking Symposium, pp. 1-5, 2018.
OREN,Y. KEMERLIS, V. SETHUMADHAVAN, S. KEROMYTIS, ANGELOS D., "The spy in the sandbox: Practical cache attacks in java and their implications," in Proceedings of the Conference on Computer and Communications Security. New York, NY, USA: Association for Computing Machinery, 2015, p. 1406-1418.
GULMEZOGLU, INCI, IRAZOKI, EISENBARTH, SUNAR, "Cross-vm cache attacks on aes," Transactions on Multi-Scale Computing Systems, vol. 2, pp. 1-1, 04 2016.
Y. YAROM and K. FALKNER, "Flush+reload: A high resolution, low noise, l3 cache side-channel attack," Cryptology ePrint Archive, vol. 2013, p. 448, 2013.
LIU, F. YAROM, Y. GE, Q. HEISER, G. LEE, R., "Last-level cache side-channel attacks are practical," in Proceedings of the Symposium on Security and Privacy. USA: IEEE Computer Society, 2015, p. 605-622.
YAROM and BENGER, "Recovering openssl ecdsa nonces using the flush+reload cache side-channel attack," International Association for Cryptologic Research, vol. 2014, p. 140, 2014.
ZHOU, P. WANG, T. LI, G. ZHANG, ZHAO, "Analysis on the parameter selection method for flush+reload based cache timing attack on rsa," China Communications, vol. 12, no. 6, pp. 33-45, 2015.
PANDA, "Fooling the sense of cross-core last-level cache eviction based attacker by prefetching common sense," Proceedings of the International Conference on Parallel Architectures and Compilation Techniques, pp. 138-150, 2019.
GRUSS, D. SPREITZER, R.MANGARD, S., "Cache template attacks: Automating attacks on inclusive last-level caches," p. 897-912, 2015.
GOLDER, A. DAS, D. DANIAL, D. GHOSH, S. SEN, S. RAYCHOWDHURY, "Practical approaches toward deep-learning-based cross-device power side-channel attack," In: Proceedings of the Transactions on Very Large Scale Integration Systems, vol. 27, no. 12, pp. 2720-2733, 2019.
DISSELKOEN, C. KOHLBRENNER, D. PORTER, L. TULLSEN, D., "Prime+abort: A timer-free high-precision l3 cache attack using intel tsx," in Proceedings of the USENIX Conference on Security Symposium. USA: USENIX Association, 2017, p. 51-67.
GRUSS, LETTNER, SCHUSTER, OHRIMENKO, HALLER, COSTA, "Strong and efficient cache side-channel protection using hardware transactional memory," in Proceedings of the USENIX Conference on Security Symposium. USA: USENIX Association, 2017, p. 217-233.
BOGDANOV, EISENBARTH, PAAR, WIENECKE, "Differential cachecollision timing attacks on aes with applications to embedded cpus," in Proceedings of the International Conference on Topics in Cryptology. Berlin, Heidelberg: Springer-Verlag, 2010, p. 235-251.
FOG, A, "The microarchitecture of intel, amd and via cpus: An optimization guide for assembly programmers and compiler maker," Copenhagen University College of Engineering, pp. 190-193, 2012.
ESFAHANI, SOLEIMANY, AREF, "Practical implementation of a new flush+ reload side channel attack on aes," 2020.
SMITH, J. PLESZKUN, REW, "Implementing precise interrupts in pipelined processors," In: PROCEEDINGS OF THE IEEE SYMPOSIUM ON SECURITY AND PRIVACY, vol. 37, no. 5, pp. 562-573, 1988.
SILBERT, O. PORRAS, LINDELL, R., "The intel 80/spl times/86 processor architecture: pitfalls for secure systems," In: PROCEEDINGS OF THE IEEE SYMPOSIUM ON SECURITY AND PRIVACY, no. 11, pp. 11-22, 1995.
VAN BULCK, JO AND MINKIN, MARINA AND WEISSE, OFIR AND GENKIN, DANIEL AND KASIKCI, BARIS AND PIESSENS, FRANK AND SILBERSTEIN, MARK AND WENISCH, THOMAS F AND YAROM, YUVAL AND STRACKX, RAOUL, "LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection," in Symposium on Security and Privacy. New York, NY, USA: Association for Computing Machinery, 2020.
KOCHER, K. PAUL, C., "Timing attacks on implementations of diffiehellman, rsa, dss, and other systems," in Proceedings of the Annual International Cryptology Conference on Advances in Cryptology. Berlin, Heidelberg: Springer-Verlag, 1996, p. 104-113.
KIRIANSKY, VLADIMIR AND WALDSPURGER, CARL, "Speculative buffer overflows: Attacks and defenses," European Symposium on Security and Privacy, 2018.
EVTYUSHKIN, DMITRY AND RILEY, RYAN AND ABUGHAZALEH, NAEL CSE AND ECE AND PONOMAREV, DMITRY, "Branchscope: A new side-channel attack on directional branch predictor," ACM SIGPLAN Notices, vol. 53, no. 2, pp. 693-707, 2018.
GRUSS, D. HANSEN, D. GREGG, B, "Kernel isolation: From an academic idea to an efficient patch for every computer," Proceedings of the Conference on Security Symposium, vol. 43, 2018.
A. BILAL, "Real time detection of spectre and meltdown attacks using machine learning." Proceedings of the Conference on Security Symposium, 2020.
Publicado
02/11/2022
Como Citar
MARQUES, Luiz Henrique Custódio Mendes.
The Ultimate Survey: Transient Execution Attacks. In: CONGRESSO LATINO-AMERICANO DE SOFTWARE LIVRE E TECNOLOGIAS ABERTAS (LATINOWARE), 19. , 2022, Evento Híbrido.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 93-102.
DOI: https://doi.org/10.5753/latinoware.2022.228038.
