{"611658":{"#nid":"611658","#data":{"type":"event","title":"PhD Proposal by Ming-Wei Shih","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003EPh.D. Thesis Proposal Announcement\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ETitle: Securing\u0026nbsp;Intel SGX against Side-channel Attacks via Load-time Synthesis\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMing-Wei Shih\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPh.D. Student\u003C\/p\u003E\r\n\r\n\u003Cp\u003EInformation Security\u003C\/p\u003E\r\n\r\n\u003Cp\u003ESchool of Computer Science\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDate: Sept 20 (Thursday)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EStart Time: 2:00pm\u003C\/p\u003E\r\n\r\n\u003Cp\u003ELocation: KACB\u0026nbsp;3126\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ECommittee\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr.\u0026nbsp;Taesoo Kim (Advisor, School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Wenke Lee(School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Marcus Pienado\u0026nbsp;(Microsoft Research)\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EAbstract\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u0026mdash;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EOne real-world technique that has the potential to ensure\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ethe security of remote execution in an untrusted end-point is\u003C\/p\u003E\r\n\r\n\u003Cp\u003EIntel Software Guard Extensions (SGX). SGX allows an application\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eto run in a hardware-assisted isolated execution environment,\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eor an enclave, that excludes even privileged software such as\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ean operating system. Unfortunately, recent studies have shown\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ethat such isolation is vulnerable to various types of side-channel\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eattacks. Given the strong threat model (i.e., an attacker controls\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eprivileged software), the side-channel attacks are uniquely powerful.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMore specifically, the attacker can learn accurate, high-resolution\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eside-channel information of the protected application, which\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eundermines the security guarantees that SGX intends to provide.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EAlthough researchers have proposed several countermeasures\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eagainst\u0026nbsp;the side-channel attacks on SGX, these countermeasures\u003C\/p\u003E\r\n\r\n\u003Cp\u003Efocus\u0026nbsp;only on a limited number of side-channel types. To achieve a\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ecomplete\u0026nbsp;defense, one idea is to statically compose multiple countermeasures\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eand to enforce them on an application before deploying it to the end-point.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EHowever, some of the countermeasures may not work as expected because\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ethe\u0026nbsp;statically enforced countermeasures cannot be adaptive to the hardware\u003C\/p\u003E\r\n\r\n\u003Cp\u003Especification\u0026nbsp;at the end-point. For example, a TSX-based countermeasure\u003C\/p\u003E\r\n\r\n\u003Cp\u003Emay provide no protection\u0026nbsp;if the end-point does not support Intel TSX.\u003C\/p\u003E\r\n\r\n\u003Cp\u003ETo address the limitation of static\u0026nbsp;composition, we propose an alternative\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eapproach, load-time synthesis, which\u0026nbsp;adaptively composes multiple\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ecountermeasures according to the hardware\u0026nbsp;specification at the end-point.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMore specifically, an enclave starts by\u0026nbsp;executing a loader program.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe loader\u0026nbsp;program then detects the hardware\u0026nbsp;specification, selectively\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eenables the\u0026nbsp;countermeasures, and finally produces\u0026nbsp;an application binary\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ethat runs with the\u0026nbsp;possibly highest level of protection\u0026nbsp;at the end-point.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"Securing Intel SGX against Side-channel Attacks via Load-time Synthesis"}],"uid":"27707","created_gmt":"2018-09-19 14:34:20","changed_gmt":"2018-09-19 14:34:20","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2018-09-20T15:00:00-04:00","event_time_end":"2018-09-20T17:00:00-04:00","event_time_end_last":"2018-09-20T17:00:00-04:00","gmt_time_start":"2018-09-20 19:00:00","gmt_time_end":"2018-09-20 21:00:00","gmt_time_end_last":"2018-09-20 21:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"102851","name":"Phd proposal"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78761","name":"Faculty\/Staff"},{"id":"78771","name":"Public"},{"id":"174045","name":"Graduate students"},{"id":"78751","name":"Undergraduate students"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}