what’s necessary to establish malware freedom unconditionally? · 06/22/2020 3 i.background v....
TRANSCRIPT
![Page 1: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/1.jpg)
What’s Necessary to Establish Malware Freedom Unconditionally?
Virgil D. Gligor
ECE and CyLabCarnegie Mellon University
Pittsburgh, PA 15213
FCS Workshop Boston
June 22, 2020
06/22/2020 1
![Page 2: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/2.jpg)
Outline
06/22/2020 2
I. Background
- adversary: persistent malware & its remote controller- malware-free state? unconditionally ?- a sufficient solution for the cWRAM model
II. What’s necessary on real systems?
- external verifiers and challenge functions challenge functions: - optimal space-time bounds (m. t)- unique (m, t) bounds for code- target claw free within (m, t) bounds
III. Q & A
![Page 3: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/3.jpg)
06/22/2020 3
I. Background
V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc. of NDSS, San Diego, CA. 2019.
(full length paper - CyLab TR 2018 -003, Nov. 2018)
V. Gligor, “A Rest Stop on the Unending Road to Provable Security”in Proc. of SPW, Cambridge University, UK, 2019 (article and transcript of discussion)
![Page 4: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/4.jpg)
06/22/2020 4
Memory2
NIC
Memory4
Disk controller
CPU4
CPU3
CPU2
Memory3
Memory0
CPU1
Memory1
CPU0Baseboardcontroller
USB controller
GPU
RAM
CPU RM
Bus System
persistent malware- survives power cycles, trusted boots, and re-flashing- under securitymonitors&anti-malwaretools- no observable (hyper)properties Don’t
Care
remote controller
![Page 5: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/5.jpg)
Adversary:persistent malware & its remote controller
06/22/2020 5
![Page 6: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/6.jpg)
06/22/2020 6
persistent malware can- extract all software secrets stored on its computer- modify all SW/FW; e.g., at system initialization- read/write all I/O channels & communicate with remote controller- adaptively modify programs and data & execute any function on chosen input
but- cannot access the processors & storage (e.g., random bits) of a connected system
remote controller can- exercise all attacks that implant persistent malware on remote system- communicate with & control persistent malware - use unbounded computation power: e.g., break all complexity-based crypto
but- cannot predict Nature’s throw of fair dice . . . or random bits of an QRNG- cannot modify a system’s HW
![Page 7: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/7.jpg)
06/22/2020 7
Malware-free states? Unconditionally?
![Page 8: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/8.jpg)
06/22/2020 8
Unconditional Establishment of RoT State
- no secrets, no trusted HW modules, no bounds on remote adversary’s power
- need only truly random bits & HW specifications
Persistent malware has no externally observable (hyper)properties
Q: How can malware-free states be established (w/o taking the system apart)?
A: RoT state (“all and only chosen content”) => malware-free stateRoT failure => detect malware execution or unaccounted content
` (e.g., malware caused), or both
![Page 9: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/9.jpg)
06/22/2020 9
v
CPU
M
Device
Initialize
ExternalVerifier
m-t optimal code
Cm,t
unique & target claw free
nonce
random bits
Cnonceß
t?
Cnonce(v)?
OK => RoT on malware-free
DeviceSpecs
General Purpose Regs
processor state R
A Sufficient Solution on the cWRAM
![Page 10: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/10.jpg)
06/22/2020 10
- Constants: w-bit word, up to 2 operands/instruction instructions execute in unit time; no cycles, frequency, voltage, current, …
MM
Overview: cWRAM ISA++
- Memory: M words- Processor registers: GPRs, PC, PSW, Special Processor Registers R- Addressing: immediate, relative, direct, indirect- Architecture features: caches, virtual memory, TLBs, pipelining, multi-core processors
- Constants: w-bit word, up to 2 operands/instruction instructions execute in unit time; no cycles, frequency, voltage, current, …
- variable shiftr/l(Ri, Rj),variable rotater/l(Ri, Rj),...- multiplication(1registeroutput)...-mod (aka., division-with-remainder) . . .
- ISA: all (un)signed integer instructions- All Loads, Stores, Register transfers- All Unconditional & Conditional Branches, all branch types
- all predicates with 1 or 2 operands- Halt - All Computation Instructions:
- addition, subtraction, logic, shiftr/l(Ri, α), rotater/l(Ri, α), . . .
- Memory: M words- Processor registers: GPRs, PC, PSW, Special Processor Registers R- Addressing: immediate, relative, direct, indirect- Architecture features: caches, virtual memory, TLBs, pipelining, multi-core processors
![Page 11: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/11.jpg)
06/22/2020 11
si = Σ rj(i+1)j (mod p)j = 0
k-1 0
i = dΣ + (si vi)�xi (mod p),
{ r0…rk-1,x } Zp
random bits
$
nonce
d = |v|-1Hr0…rk-1,x(v) =
randomized polynomial family
unique m-t optimal bounds on cWRAM code: m = k + 22, t = (6k - 4)6d
Hr0…rk-1,x(v) = Hd,k,x(v)
k-independent (almost) universal hash functions
(m’,t’) “<“ (m, t) => Pr [nonce, f,y : f(y) = Hd,k,x(v) | (m’,t’) ] ≤ 3 p
ΕΕ
target claw free within the m-t bounds
What is a nonce?Cm,t on cWRAM?
![Page 12: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/12.jpg)
06/22/2020 12
II. What’s necessary on real systems?
ExternalVerifier
executes CnonceÎ {Cm,t}on input v
challenge functionselection:
nonce
untrusted
measurement: system response
CPU-Memory Systemtrustworthy
N1
N1:existenceofexternalverifier&challengefunctionN2:findaconcretespace-timeoptimalbound:(m,t)N3:(m,t)isuniqueforprogramcodeN4:targetclawfreewithin(m,t)
N2 N3 N4
{Cm,t} satisfies:
![Page 13: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/13.jpg)
06/22/202013
ExternalObserver
proof ofmalwarefreedom ?
(un)trusted?system
nochallengefunction
Protocols for n Detectable Properties
establish => all n systems are trusted
abort => ≤ n -1 systems are untrusted
1.externalverifiers&challengefunctions
untrustedsystem 2
malwarefree?
untrustedsystem 1
system 3untrusted
Detectable Property
![Page 14: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/14.jpg)
ExternalVerifier
trustworthy
malwarefree?
challengefunction
systemresponse
trustworthy?system 1
06/22/202014
malware-free probability ≥ 1 - ε
Unconditionally DetectableByzantineAgreement
forBroadcastwithprobability 1- ε
untrustedsystem 2
system 3untrustedLegend:synchronous private channel
proof ofmalwarefreedom ?
nochallengefunction
Necessity
1.externalverifiers&challengefunctions External
Observer
(un)trusted?system
![Page 15: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/15.jpg)
Unconditionally DetectableByzantineAgreementforRationalConsensuswithprobability 1- ε
ExternalVerifier
trustworthy
malwarefree?
challengefunction
systemresponse
06/22/202015
malware-free probability ≥ 1 - ε
untrustedsystem 2
system 3untrustedLegend:synchronous private channel
proof ofmalwarefreedom ?
nochallengefunction
Necessity
1.externalverifiers&challengefunctions
(un)trusted?system
ExternalObserver
trustworthy?system 1
![Page 16: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/16.jpg)
ExternalVerifier
trustworthy
malwarefree?
challengefunction
systemresponse
06/22/202016
untrustedsystem 2
system 3untrustedLegend:synchronous private channel
proof ofmalwarefreedom ?
nochallengefunction
Necessity
1.externalverifiers&challengefunctions
TraditionalConsensuswith crashes
(un)trusted?system
trustworthy?system 1
ExternalObserver
![Page 17: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/17.jpg)
06/22/2020 17
2.find space-timebounds
ExternalVerifier
trustworthy
malwarefree
challengefunction
baselineCnonce(v)
trustedsystem/simulator
ExternalVerifier
trustworthy
malwarefree?
challengefunction
actualresult
untrustedsystem
Cnonce(v) = result & baseline = actual?
baseline measurement= minimum amount of resources used by Cnonce
to prevent malware running or hiding constconst
power time
Esys(Cnonce) measurement accuracy => a specific system initialization & choice of Cnonce
min Esys(Cnonce) => min. space-time bounds => lower (m,t) bounds = optimal (m,t) bounds
current, voltage, frequency, cc, temperature
min Esys(Cnonce) <≠ optimal (m,t) bounds
Esys(Cnonce)
37°C
![Page 18: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/18.jpg)
06/22/2020 18
2.find space-timebounds
baseline measurementmin Esys for single core CPUs [DeVogeleer, et al. 2017]
Esys,i = (Pcpu,i + Pdrop,i + Pback) · cci · (1/(f – fk) + β).
Esys(Cnonce) = Σi Esys,i = (Pcpu,i + Pback) · cci · (1/f + ε)
const
min Esys(Cnonce) => min cci & min mem size => lower (m,t) bounds = optimal (m,t) bounds
min Esys(Cnonce) <≠ optimal (m,t) bounds of Cnonce
ExternalVerifier
trustworthy
malwarefree
challengefunction
baselineCnonce(v)
trustedsystem/simulator
for specific system initialization & choice of Cnonce
0 0 const ε~mem size const
![Page 19: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/19.jpg)
06/22/2020 19
3.uniquem-tboundsforCm,t programcode
memoryspace
executiontime
Mmemm
T
time
t CM,tcode
Cmem,timecode
Cm,Tcode
memoryspace
executiontime
TCm,Tcode
input u
m +|u|
verifier requestsinitialization
c) Cm,t code identity in (m,t): Cnonce code in v => Cnonce(v) is unique in (m,t), whp.
3 space-time optimal program families CM,t
b) Cm,t = second pre-image free: u’ ≠ u => Cnonce(u’) ≠Cnonce(u), whp.
input u’
cWRAM
M +|u|
t+δtCM,tcode
δt = time to transfer M – m to/from disk
T/t > 1 + δ, 0 < δ <1; T/t >3in practice
malware performsits initialization
a) single choice: Cm,t; e.g., (M,t)
M – mon disk
![Page 20: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/20.jpg)
06/22/202020
4.targetclaw-freein(m,t)
Cnonce Î {Cm,t}
nonce
untrusted system
responser, (m,t)
persistent malware
vr
vfy
Cnonce
remoteadversaryround-trip
timeT
nonce
Cnonce(v) =rExternalVerifier
trustworthy Cnonce Î {Cm,t}inputv
fi,fj Î {F}, not arbitrary
on any system
xir
fj
xj
fi
poly time
=> hardness conjecturesand/or secrets
![Page 21: What’s Necessary to Establish Malware Freedom Unconditionally? · 06/22/2020 3 I.Background V. Gligor and M. Woo, “Establishing Software Root of Trust Unconditionally,” in Proc](https://reader035.vdocuments.us/reader035/viewer/2022063000/5f0d9b687e708231d43b30f0/html5/thumbnails/21.jpg)
06/22/2020 21
III. Q & A
1. How can we tell that the untrusted system is initialized correctly? e.g., how are asynchronous events verifiably disabled?
3. Is the energy model used realistic? Is there any advantage in using energy measurements? If so, how are the sensors protected from manipulation?
2. OK, zero false negatives cannot exist in RoT… But why are they negligible?Sure, the cWRAM model has zero false positives for RoT… How about in real systems?
4. Is this paper formal enough for a productive discussion at FCS? (Are there any formal models of security that do not require secure initial state and implicitly persistent-malware freedom?)