| 基于原子混淆的通用侧信道漏洞修补方法 |
| |
| 引用本文: | 邹德清,张盼,刘伟,陈维杰,陆弈帆. 基于原子混淆的通用侧信道漏洞修补方法[J]. 网络与信息安全学报, 2022, 8(2): 100-111. DOI: 10.11959/j.issn.2096-109x.2022014 |
| |
| 作者姓名: | 邹德清 张盼 刘伟 陈维杰 陆弈帆 |
| |
| 作者单位: | 1. 大数据技术与系统国家地方联合工程研究中心,湖北 武汉 430074;2. 服务计算技术与系统教育部重点实验室,湖北 武汉 430074;3. 大数据安全湖北省工程研究中心,湖北 武汉 430074;4. 华中科技大学网络空间安全学院,湖北 武汉 430074;5. 北京京航计算通讯研究所,100089 北京 |
| |
| 基金项目: | 国家自然科学基金(62172168) |
| |
| 摘 要: | 包含侧信道漏洞的代码在程序被执行时会表现出与输入有关的非功能性行为,攻击者利用微架构的侧信道攻击可获取这些行为,并通过分析行为与输入之间的关联模式恢复应用数据内容,达到窃取用户机密数据的目的。软件层的侧信道漏洞修补方法带给程序的性能损耗较低,并且因为无须修改硬件或系统,可实现快速修补和大范围部署,成为密码算法实现采用的主流策略。现有修补方案与程序的具体实现深度绑定,需要人工介入,存在实现难度大、不通用的问题。针对以上问题,提出了一种结合动态混淆技术和硬件原子事务特性的通用侧信道漏洞修补方法。所提方法向侧信道漏洞代码中插入动态混淆访存操作,以达到隐藏真实访存地址的目的,并将漏洞代码和混淆访存封装为硬件原子事务,保障被封装的代码在运行时连续执行而不被中断,避免攻击者利用细粒度的侧信道攻击区分真实的访存操作和混淆的访存操作。基于LLVM编译器实现了原型系统SC-Patcher,引入了包括安全跳板和原子事务聚合等在内的多种设计,提高了方法的安全性和实用性。安全与性能测试结果表明,使用所提方法完成侧信道漏洞修补的程序,在几乎未增加额外性能开销的同时,能够有效抵抗侧信道攻击,防范攻击者从漏洞处还原...
|
| 关 键 词: | 侧信道防御 漏洞修补 原子事务 混淆执行 |
Universal patching method for side-channel vulnerabilities based on atomic obfuscation |
| |
| Deqing ZOU,Pan ZHANG,Wei LIU,Weijie CHEN,Yifan LU. Universal patching method for side-channel vulnerabilities based on atomic obfuscation[J]. Chinese Journal of Network and Information Security, 2022, 8(2): 100-111. DOI: 10.11959/j.issn.2096-109x.2022014 |
| |
| Authors: | Deqing ZOU Pan ZHANG Wei LIU Weijie CHEN Yifan LU |
| |
| Affiliation: | 1. National Engineering Research Center for Big Data Technology and System, Wuhan 430074, China;2. Services Computing Technology and System Lab, Wuhan 430074, China;3. Hubei Engineering Research Center on Big Data Security, School of Cyber Science and Engineering, Wuhan 430074, China;4. Huazhong University of Science and Technology, Wuhan 430074, China;5. Beijing Jinghang Research Institute of Computing and Communication, Beijing 100089, China |
| |
| Abstract: | Executing code containing side-channel vulnerabilities exhibits different non-functional behaviors related to inputs.Attackers can obtain these behaviors by leveraging micro architecture side-channel attacks and then analyze the pattern between the behaviors and the inputs to access sensitive data.Vulnerability repairing at the software layer brings low overheads to a program’s execution.Besides, it does not require modifying hardware or system, which enables fast patching and widespread deployment.It becomes the mainstream strategy applied to the current cryptographic implementations.However, existing solutions are deeply bound to the program’s implementation and requires manual intervention.This brings challenge to implement and is not versatile enough.A general patching method was proposed for side-channel vulnerabilities that combined dynamic obfuscated execution with hardware atomic transaction.To hide the real accesses of the side-channel vulnerabilities of a program, the proposed method inserted dynamic confusing accesses into the vulnerabilities.To avoid an attacker using fine-grained side-channel attack to distinguish the real access and the confusing access, both of them were encapsulated as transactions and they were guaranteed to be uninterrupted during the running period.In addition, a prototype system called SC-Patcher was implemented based on the LLVM compiler.Various optimization strategies were supported, including secure springboard and transaction aggregation, to further improve system security and performance.Experimental results show that the proposed method makes it impossible for an attacker to restore accurate sensitive data through side-channel attack, and it also brings almost no additional performance overhead to the program. |
| |
| Keywords: | side-channel defense vulnerability repair atomic transaction obfuscated execution |
|
| 点击此处可从《网络与信息安全学报》浏览原始摘要信息 |
|
点击此处可从《网络与信息安全学报》下载免费的PDF全文 |
|
