{"id":4094,"date":"2015-04-23T04:58:35","date_gmt":"2015-04-23T04:58:35","guid":{"rendered":"http:\/\/revoscience.com\/en\/?p=4094"},"modified":"2015-04-23T04:58:35","modified_gmt":"2015-04-23T04:58:35","slug":"cloud-security-reaches-silicon","status":"publish","type":"post","link":"https:\/\/www.revoscience.com\/en\/cloud-security-reaches-silicon\/","title":{"rendered":"Cloud security reaches silicon"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><em><strong style=\"color: #222222;\">System for defending against memory-access attacks implemented in chips.<\/strong><\/em><\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><strong><a href=\"http:\/\/revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-full wp-image-4095\" src=\"http:\/\/revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg\" alt=\"download (1)\" width=\"295\" height=\"171\" title=\"\" srcset=\"https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg 295w, https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13-70x40.jpg 70w\" sizes=\"auto, (max-width: 295px) 100vw, 295px\" \/><\/a>CAMBRIDGE, Mass.<\/strong> &#8212;\u00a0In the last 10 years, computer security researchers have shown that malicious hackers don\u2019t need to see your data in order to steal your data. From the pattern in which your computer accesses its memory banks, adversaries can infer a\u00a0<a style=\"color: #1155cc;\" href=\"http:\/\/mit.pr-optout.com\/Tracking.aspx?Data=HHL%3d8.%3a8A6-%3eLCE9%3b4%3b8%3f%26SDG%3c90%3a.&amp;RE=MC&amp;RI=4334046&amp;Preview=False&amp;DistributionActionID=25828&amp;Action=Follow+Link\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #000000;\">shocking amount<\/span><\/a>\u00a0about what\u2019s stored there.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">The risk of such attacks is particularly acute in the cloud, where you have no control over whose applications are sharing server space with yours. An antagonist could load up multiple cloud servers with small programs that do nothing but spy on other people\u2019s data.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Two years ago, researchers in the group of MIT\u2019s Srini Devadas, the Edwin Sibley Webster Professor in MIT\u2019s Department of Electrical Engineering and Computer Science,\u00a0<a style=\"color: #1155cc;\" href=\"http:\/\/mit.pr-optout.com\/Tracking.aspx?Data=HHL%3d8.%3a8A6-%3eLCE9%3b4%3b8%3f%26SDG%3c90%3a.&amp;RE=MC&amp;RI=4334046&amp;Preview=False&amp;DistributionActionID=25827&amp;Action=Follow+Link\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #000000;\">proposed<\/span><\/a>\u00a0a method for thwarting these types of attacks by disguising memory-access patterns. Now, they\u2019ve begun to implement it in hardware.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">In March, at the Architectural Support for Programming Languages and Operating Systems conference, they presented the layout of a custom-built chip that would use their scheme, which is now moving into fabrication. And at the IEEE International Symposium on Field-Programmable Custom Computing Machines in May, they will describe some additional improvements to the scheme, which they\u2019ve tested on reconfigurable chips.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">The principle behind the scheme is that, whenever a chip needs to fetch data from a particular memory address, it should query a bunch of other addresses, too, so that an adversary can\u2019t determine which one it\u2019s really interested in. Naturally, this requires shipping much more data between the chip and memory than would otherwise be necessary.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">To minimize the amount of extra data needed, the researchers store memory addresses in a data structure known as a \u201ctree.\u201d A family tree is a familiar example of a tree, in which each \u201cnode\u201d (a person\u2019s name) is attached to only one node above it (the node representing the person\u2019s parents) but may connect to several nodes below it (the person\u2019s children).<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Every address is randomly assigned to a path through the tree \u2014 a sequence of nodes stretching from the top of the tree to the bottom, with no backtracking. When the chip requires the data stored at a particular address, it also requests data from all the other nodes on the same path.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">In earlier work, researchers in Devadas\u2019 group were able to prove that pulling data from a single path was as confounding to an adversary as if the chip had pulled data from every single memory address in use \u2014 every node of the tree.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><strong>Breaking the logjam<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">After reading data from a path, however, the chip also has to write data to the whole path; otherwise, an adversary could determine which node was the one of interest. But the chip rarely stores data in the same node that it read it from.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Most nodes lie on multiple paths: To take the most basic example, the single node at the top, or root, of the tree lies on every path. When the chip writes a block of data to memory, it pushes it as far down the tree as it can, which means finding the last vacancy before the block\u2019s assigned path branches off from path that was just read.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">\u201cThe root of the tree is a lot smaller than the bottom of tree,\u201d says Albert Kwon, an MIT graduate student in electrical engineering and computer science and one of the papers\u2019 co-authors. \u201cSo intuitively, you want to push down as far as you can toward the bottom, so that there\u2019s no congestion at the top.\u201d<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">In writing data, the chip still has to follow the sequence of nodes in the path; otherwise, again, an adversary might be able to infer something about the data being stored. In previous attempts at similar systems, that meant sorting the memory addresses according to their ultimate locations in the tree.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">\u201cSort is not easy to do in hardware,\u201d says Chris Fletcher, another graduate student in Devadas\u2019 group and first author on the new paper. \u201cSo by the time you\u2019ve sorted everything, you\u2019ve taken a real performance hit.\u201d<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">In the chip described in their latest paper, Fletcher, Devadas, Kwon, and their co-authors \u2014 Ling Ren, also an MIT graduate student in electrical engineering and computer science, and colleagues at the University of Connecticut, the University of California at Berkeley, and the Qatar Computing Research Institute \u2014 took a different approach. They gave their chip an extra memory circuit, with storage slots that can be mapped onto the sequence of nodes in any path through the tree. Once a data block\u2019s final location is determined, it\u2019s simply stored at the corresponding slot in the circuit. All of the blocks are then read out in order.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><strong>Stockpiled secrets<\/strong><\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">The new chip features another trick to improve efficiency: Rather than writing data out every time it reads data in, it writes only on every fifth read. On the other reads, it simply discards all of the decoy data. When it finally does write data back out, it will have, on average, five extra blocks of data to store on the last path it read. But there are generally enough vacancies in the tree to accommodate the extra blocks. And when there aren\u2019t, the system\u2019s ordinary protocols for pushing data as far down the tree as possible can handle the occasional logjam at the top.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Today\u2019s chips have small, local memory banks called caches in which they store frequently used data; for applications that use caching efficiently, all that extra reading and writing generally increases computation time by only about 20 percent. For applications that don\u2019t use caching efficiently, computation time can increase fivefold, or even more.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">But according to the researchers, one of the advantages of their scheme is that the circuits that implement it can simply be added to existing chip designs, without much retooling. The extra layer of security can then be switched on and off as needed. Some cloud applications may use it all the time; others may opt against it entirely; still others may activate it only when handling sensitive information, such as credit card numbers.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>System for defending against memory-access attacks implemented in chips. CAMBRIDGE, Mass. &#8212;\u00a0In the last 10 years, computer security researchers have shown that malicious hackers don\u2019t need to see your data in order to steal your data. From the pattern in which your computer accesses its memory banks, adversaries can infer a\u00a0shocking amount\u00a0about what\u2019s stored there. [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":4095,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[43,47],"tags":[],"class_list":["post-4094","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-computer-science","category-it"],"featured_image_urls":{"full":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"thumbnail":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13-150x150.jpg",150,150,true],"medium":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"medium_large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"1536x1536":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"2048x2048":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"ultp_layout_landscape_large":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"ultp_layout_landscape":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"ultp_layout_portrait":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"ultp_layout_square":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"newspaper-x-single-post":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"newspaper-x-recent-post-big":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"newspaper-x-recent-post-list-image":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",95,55,false],"web-stories-poster-portrait":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",295,171,false],"web-stories-publisher-logo":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",96,56,false],"web-stories-thumbnail":["https:\/\/www.revoscience.com\/en\/wp-content\/uploads\/2015\/04\/download-13.jpg",150,87,false]},"author_info":{"info":["Amrita Tuladhar"]},"category_info":"<a href=\"https:\/\/www.revoscience.com\/en\/category\/computer-science\/\" rel=\"category tag\">Computer Science<\/a> <a href=\"https:\/\/www.revoscience.com\/en\/category\/news\/it\/\" rel=\"category tag\">IT<\/a>","tag_info":"IT","comment_count":"0","_links":{"self":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts\/4094","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/comments?post=4094"}],"version-history":[{"count":0,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/posts\/4094\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/media\/4095"}],"wp:attachment":[{"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/media?parent=4094"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/categories?post=4094"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.revoscience.com\/en\/wp-json\/wp\/v2\/tags?post=4094"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}