|
Size: 329
Comment:
|
← Revision 8 as of 2017-02-03 09:52:19 ⇥
Size: 2024
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| #acl UserGroup:read,write,revert All:read = Implementations of automated Masking = * Andrew Moss, Elisabeth Oswald, Dan Page, and Michael Tunstall. '''Compiler Assisted M''''''asking'''. In Emmanuel Prouff and Patrick Schaumont, editors, CHES, volume 7428 of LNCS, pages 58–75. Springer, 2012 * G. Agosta, A. Barenghi, M. Maggi and G. Pelosi, "'''Compiler-based side channel ''''''vulnerability analysis and optimized countermeasures application'''" Design Automation Conference (DAC), 2013 50th ACM/EDAC/IEEE, Austin, TX, 2013, p. 1-6. |
|
| Line 3: | Line 10: |
| * LLVM obfuscator * |
* Obfuscator-LLVM: * Bogus Control Flow (https://github.com/obfuscator-llvm/obfuscator/wiki/Bogus-Control-Flow) Average overhead performance ➡ 28 % * Control Flow Flattening (https://github.com/obfuscator-llvm/obfuscator/wiki/Control-Flow-Flattening) Average overhead performance ➡ 860 % * Instruction Substitution (https://github.com/obfuscator-llvm/obfuscator/wiki/Instructions-Substitution) Average overhead performance ➡ 13.5 % * A commercial version of this project with more features is available at https://strong.codes/ |
| Line 8: | Line 18: |
| Line 9: | Line 20: |
| * attack on the branch predictor.<<BR>>(in French, has links) https://interstices.info/jcms/c_25753/une-faille-de-securite-dans-les-processeurs * attack on the Dcache (need ref) |
|
| Line 10: | Line 23: |
| * buffer overflow, canari, ASLR, CFI | * buffer overflow, canari, ASLR, CFI * Canaries with Clang: -fstack-protector, -fstack-protector-strong, -fstack-protector-all * ASLR with Clang: -fpie -pie * Safe stack with Clang: -fsanitize=safe-stack. More information : http://dslab.epfl.ch/proj/cpi/ (research prototype) * CFI with Clang: -fsanitize=cfi. More information : http://clang.llvm.org/docs/ControlFlowIntegrity.html * Global Offset Table (GOT) Protection with Clang: -Wl,-z,now -Wl,-z,relro |
Implementations of automated Masking
Andrew Moss, Elisabeth Oswald, Dan Page, and Michael Tunstall. Compiler Assisted Masking. In Emmanuel Prouff and Patrick Schaumont, editors, CHES, volume 7428 of LNCS, pages 58–75. Springer, 2012
G. Agosta, A. Barenghi, M. Maggi and G. Pelosi, "Compiler-based side channel vulnerability analysis and optimized countermeasures application" Design Automation Conference (DAC), 2013 50th ACM/EDAC/IEEE, Austin, TX, 2013, p. 1-6.
Obfuscation
PhD thesis of Stéphanie Riaud (in French): http://dumas.ccsd.cnrs.fr/dumas-00636793/document
- Obfuscator-LLVM:
Bogus Control Flow (https://github.com/obfuscator-llvm/obfuscator/wiki/Bogus-Control-Flow) Average overhead performance ➡ 28 %
Control Flow Flattening (https://github.com/obfuscator-llvm/obfuscator/wiki/Control-Flow-Flattening) Average overhead performance ➡ 860 %
Instruction Substitution (https://github.com/obfuscator-llvm/obfuscator/wiki/Instructions-Substitution) Average overhead performance ➡ 13.5 %
A commercial version of this project with more features is available at https://strong.codes/
Model of attacker
In the case of cyber attacks
- Attacker can run programs on the same machine
attack on the branch predictor.
(in French, has links) https://interstices.info/jcms/c_25753/une-faille-de-securite-dans-les-processeurs- attack on the Dcache (need ref)
- Attacker interacts with remote machine
- buffer overflow, canari, ASLR, CFI
- Canaries with Clang: -fstack-protector, -fstack-protector-strong, -fstack-protector-all
- ASLR with Clang: -fpie -pie
Safe stack with Clang: -fsanitize=safe-stack. More information : http://dslab.epfl.ch/proj/cpi/ (research prototype)
CFI with Clang: -fsanitize=cfi. More information : http://clang.llvm.org/docs/ControlFlowIntegrity.html
- Global Offset Table (GOT) Protection with Clang: -Wl,-z,now -Wl,-z,relro