WashU Bear Shell Daily

This post introduces a power side-channel attack on FPGAs and cloud computing. Field Programmable Gate Arrays (FPGAs) have been widely adopted as hardware accelerators, as it allows end users to customize their own integrated circuits for specific tasks. Cloud computing vendors such as Amazon lease FPGAs to customers, since FPGAs can be virtualized and shared among users. This results in the fact that circuits belonging to multiple users may co-resides on one physical FPGA, which makes side-channel attacks possible. However, even if circuits from different users co-resides on the same FPGA board, they are physically partitioned with a “fence” made of unused configurable logic blocks. This prohibits one malicious user to directly steal secrets from victim’s circuit on the same FPGA. A noticeable observation is, a common power supply is shared with all circuits on the same FPGA.   The activities of one single circuit will be reflected in the voltage from the power supply and c...

With the widespread use of computers and embedded systems in our personal and professional lives, a high degree of security is necessitated in the digital world. New cryptographic methods as well as improved security measures are continually being developed and improved in order to ensure data is safe and secure from attacks. However, even with these technologies, new attacks continue to emerge at an alarming rate [1]. While software security continues to evolve, the implementation of software itself in computing systems can prove to be a source for sensitive information leakage. Leakages of this nature can evolve in a number of different ways, but usually involve the workings of the hardware behind a system itself. Attacks exploiting this are known as information side-channel attacks.  The potential attacks emanating from these kinds of leakages are far ranging, and can vary drastically from system to system. One particular attack vector involves the use of the acoustic output...

By Elaine Cole and Jarek Millburg An information side channel can be used to gain information about the system or data that it processes. A side-channel attack identifies a physical or micro-architectural signal that leaks such desired information and monitors and analyzes that signal as the system operates. While there are many different types of information side channels and even more ways to maliciously exploit them, this blog explores a recent publication that leverages information side channels within IoT devices to aid crime scene investigators in real-time. In this blog, we provide an overview of the general attack procedure, and explore two of the many forms of side channel attacks. Side Channel Attack General Procedure While there are many different forms of side channels, at a high level, a side channel attack requires the following: 1. identify a side channel:  The attacker must first identify  a physical or micro-architectural signal that leaks...

Design and implementation of a hardware assisted security architecture for software integrity monitoring  In addition to the current’s actions of protecting system’s security, the author propose to design a new architecture that can perform integrity checks securely on any softwares that run on this architecture. Current Issues: With the fast developing of technology, systems are getting more and more complex. We all know that hardware platforms support the execution of multiple software components and nowadays, most of those hardware platforms have x86 processors and PCI Express bus as interconnections. Hardware platform is configured in the mainboard, BIOS (Basic Input/Output System), and after configuration, BIOS hands it over to either the kernel of the operating system or the virtual machines manager. All those components are pretty complex and hence, they are easy to be exploited and corrupted. Once the system is corrupted, the resul...