Organizer: Alexandra Weber, MAIS; TU Darmstadt
Modern computing systems make extensive use of optimizations, both in hardware and in software. This creates plenty of opportunity to leak sensitive information via side-channels. Of particular interest are side-channels that can be purely exploited by running a piece of software on the targeted machine. Even highly restricted execution environments like the Intel Software Guard Extensions (SGX) are prone to side-channel attacks. We demonstrate the first fine-grained software-based side-channel attacks running within a malicious SGX enclave targeting co-located enclaves. Our attack is the first malware running on real SGX hardware, abusing SGX protection features to conceal itself. We perform a Prime+Probe cache side-channel attack and extract 96% of an RSA private key from a single trace and the full RSA private key from 11 traces. The attack works although in SGX enclaves there are no timers, no large pages, no physical addresses, and no shared memory, which were required in previous attacks.
While cryptographic algorithms could be secured against software-based side-channel attacks using constant-time implementations, these mitigations are often incomplete or missing in practice. In order to identify information leaks in program binaries we develop a fast differential address trace analysis framework. This accounts for all attacks exploiting address-based information leakage such as cache attacks, DRAM attacks, branch prediction attacks, or controlled channel attacks. We demonstrate its effectiveness by analyzing popular OpenSSL algorithms in a fully automated way. Among several expected leaks in symmetric ciphers (AES, Blowfish, Camellia, CAST, 3-DES, ARC4), we also reveal known and previously unknown leaks in asymmetric primitives (RSA, DSA) and identify erroneous bug fixes of supposedly resolved constant-time vulnerabilities.
Key stroke timing can carry sensitive information about entered passwords and PIN codes. We present two novel side-channel attacks that recover keystroke timing from interrupt information. As key strokes (and interrupts) disrupt normal code execution, they violate all constant-time mitigation paradigms. Previously proposed countermeasures fail to prevent keystroke timing attacks as they do not consider the entire software stack. We close this gap with KeyDrown, a new defense mechanism that injects a large number of fake keystrokes in order to hide real keystrokes. Moreover, all keystrokes, including fake keystrokes, are carefully propagated through the entire software stack to impede attacks on all layers.