Olivier Heen

Reverse Engineering Intel Last-Level Cache Complex Addressing Using Performance Counters

Cache attacks, which exploit differences in timing to perform covert or side channels, are now well understood. Recent works leverage the last level cache to perform cache attacks across cores. This cache is split in slices, with one slice per core. While predicting the slices used by an address is simple in older processors, recent processors are using an undocumented technique called complex addressing. This renders some attacks more difficult and makes other attacks impossible, because of the loss of precision in the prediction of cache collisions. In this paper, we build an automatic and generic method for reverse engineering Intels last-level cache complex addressing, consequently rendering the class of cache attacks highly practical. Our method relies on CPU hardware performance counters to determine the cache slice an address is mapped to. We show that our method gives a more precise description of the complex addressing function than previous work. We validated our method by reversing the complex addressing functions on a diverse set of Intel processors. This set encompasses Sandy Bridge, Ivy Bridge and Haswell micro-architectures, with different number of cores, for mobile and server ranges of processors. We show the correctness of our function by building a covert channel. Finally, we discuss how other attacks benefit from knowing the complex addressing of a cache, such as sandboxed rowhammer.

An Empirical Study of Passive 802.11 Device Fingerprinting

802.11 device fingerprinting is the action of characterizing a target device through its wireless traffic. This results in a signature that may be used for identification, network monitoring or intrusion detection. The fingerprinting method can be active by sending traffic to the target device, or passive by just observing the traffic sent by the target device. Many passive fingerprinting methods rely on the observation of one particular network feature, such as the rate switching behavior or the transmission pattern of probe requests. In this work, we evaluate a set of global wireless network parameters with respect to their ability to identify 802.11 devices. We restrict ourselves to parameters that can be observed passively using a standard wireless card. We evaluate these parameters for two different tests: i) the identification test that returns one single result being the closest match for the target device, and ii) the similarity test that returns a set of devices that are close to the target devices. We find that the network parameters transmission time and frame inter-arrival time perform best in comparison to the other network parameters considered. Finally, we focus on inter-arrival times, the most promising parameter for device identification, and show its dependency from several device characteristics such as the wireless card and driver but also running applications.

C5: Cross-Cores Cache Covert Channel

Cloud computing relies on hypervisors to isolate virtual machines running on shared hardware. Since perfect isolation is difficult to achieve, sharing hardware induces threats. Covert channels were demonstrated to violate isolation and, typically, allow data exfiltration. Several covert channels have been proposed that rely on the processors cache. However, these covert channels are either slow or impractical due to the addressing uncertainty. This uncertainty exists in particular in virtualized environments and with recent L3 caches which are using complex addressing. Using shared memory would elude addressing uncertainty, but shared memory is not available in most practical setups. We build C5, a covert channel that tackles addressing uncertainty without requiring any shared memory, making the covert channel fast and practical. We are able to transfer messages on modern hardware across any cores of the same processor. The covert channel targets the last level cache that is shared across all cores. It exploits the inclusive feature of caches, allowing a core to evict lines in the private first level cache of another core. We experimentally evaluate the covert channel in native and virtualized environments. In particular, we successfully establish a covert channel between virtual machines running on different cores. We measure a bitrate of 1291i¾?bps for a native setup, and 751i¾?bps for a virtualized setup. This is one order of magnitude above previous cache-based covert channels in the same setup.

Confidentiality issues on a GPU in a virtualized environment

General-Purpose computing on Graphics Processing Units (GPGPU) combined to cloud computing is already a commercial success. However, there is little literature that investigates its security implications. Our objective is to highlight possible information leakage due to GPUs in virtualized and cloud computing environments. We provide insight into the different GPU virtualization techniques, along with their security implications. We systematically experiment and analyze the behavior of GPU global memory in the case of direct device assignment. We find that the GPU global memory is zeroed only in some configurations. In those configurations, it happens as a side effect of Error Correction Codes (ECC) and not for security reasons. As a consequence, an adversary can recover data of a previously executed GPGPU application in a variety of situations. These situations include setups where the adversary launches a virtual machine after the victim’s virtual machine using the same GPU, thus bypassing the isolation mechanisms of virtualization. Memory cleaning is not implemented by the GPU card itself and we cannot generally exclude the existence of data leakage in cloud computing environments. We finally discuss possible countermeasures for current GPU clouds users and providers.

Improving the Resistance to Side-Channel Attacks on Cloud Storage Services

Providers of cloud storage services usually apply deduplication across multiple user accounts in order to optimize savings of both upload bandwidth and storage space. However, deduplication can be used as a side channel by an adversary for obtaining sensitive information about other users data. We propose a new gateway-based deduplication model that lets the storage service provider apply efficient deduplication while substantially reducing the risk of information leakage. We suppose that the cloud storage service is provided by a Network Service Provider that also ships advanced gateways to its customers. We discuss why it is much harder for an adversary to infer deduplication from the gateway than from a fully controlled host.

A comparative privacy analysis of geosocial networks

Geosocial networks and applications, such as Foursquare, Gowalla and Facebook places, are designed to encourage their users to share their geolocated data. Among all the Personal Identifiable Information (PII), learning the location of an individual is one of the greatest threat against his privacy. For instance, the spatio-temporal data of an individual can be used to infer the location of his home and workplace, to trace his movements and habits, to learn information about his center of interests or even to detect a change from his usual behaviour. In this paper, we provide a comparative privacy analysis of several existing geosocial networks. We first describe the main characteristics of geosocial networks and then we briefly review the systems on which we have focus in this study. Afterwards, we describe the privacy and security criteria that we have identified before evaluating and comparing the different geosocial networks in the light of these criteria. Finally, we finish with a discussion and some recommendations on how to enhance the protection of privacy in geosocial networks.

On the Privacy Impacts of Publicly Leaked Password Databases

Regularly, hackers steal data sets containing user identifiers and passwords. Often these data sets become publicly available. The most prominent and important leaks use bad password protection mechanisms, e.g. rely on unsalted password hashes, despite longtime known recommendations. The accumulation of leaked password data sets allows the research community to study the problems of password strength estimation, password breaking and to conduct usability and usage studies. The impact of these leaks in terms of privacy has not been studied.

Distributed and Private Group Management

Group management is a fundamental building block of todays Internet applications. Mailing lists, chat systems, collaborative document editing, even well established online social networks such as Twitter and Facebook also use group management systems. In many cases, group security is required to restrict access and visibility of data in a group only to members of the group. Some applications also require privacy by keeping group members anonymous and unlinkable. Group management systems routinely rely on a central authority that manages and controls the infrastructure and data of the system. This can negatively impact the privacy and scalability properties of the system. In this paper, we propose a completely distributed approach for group management based on distributed hash tables. Enrollment to the system is not controlled by any central authority. Anyone can create groups and principals, and a various set of applications can share existing groups. In this paper, we describe a novel decentralized system for group management, address various security and privacy issues that arise by removing the central authority, and formally validate the security properties using AVISPA. We demonstrate the feasibility of this protocol by implementing a prototype running on top of Vuzes DHT.

User-based authentication for wireless home networks

Most wireless home networks apply a shared key authentication model to authenticate devices. This results in security weaknesses due to the wireless protocol itself and the home environment conditions. Beyond the security aspects, there are some advantages to provide a user-based authentication for better controlling who accesses the network rather than which device accesses the network. User-based authentication schemes also facilitate user profiling, which is useful to leverage further recommendation services. This paper describes a WPA2-802.1X based solution for mitigating the weaknesses mentioned above while enabling a user-based authentication at home. It also discusses the appropriateness of the solution regarding the home environment.

Conciliating remote home network access and MAC-address control

Users are increasingly nomadic and want to access their home network from anywhere. Such remote access might also be granted for family members or friends and controlled by the home network owner on a per device basis. This paper describes an overall sound solution for a layer 2 VPN, providing one-click access to the home network. Layer 2 VPN transports all home network protocols, including multicast, UPnP, Windows shares, thus providing full home network experience to remote users. Our solution addresses several practical and technical is- sues such as MAC address filtering and IP collisions. Our solution enables in particular per-device security policy enforcement while sharing the same access credentials with several remote users. We implemented and tested the solution by extending OpenVPN and a home gateway.