Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Implementing an Untrusted Operating System on Trusted Hardware David Lie Chandramohan A. Thekkath Mark Horowitz University of Toronto, Microsoft Research,

Published bySawyer Dorcey Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Implementing an Untrusted Operating System on Trusted Hardware David Lie Chandramohan A. Thekkath Mark Horowitz University of Toronto, Microsoft Research,"— Presentation transcript:

1 1 Implementing an Untrusted Operating System on Trusted Hardware David Lie Chandramohan A. Thekkath Mark Horowitz University of Toronto, Microsoft Research, and Stanford University

2 2 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Protection in Systems: Hardware Approach Many platforms exist where trust is placed in hardware: –Trust Computing Platform Alliance (TCPA) –Microsoft’s Palladium (NGSCB) –Intel LaGrande Architecture Advantages of hardware approach –Better tamper-resistance –Less dependent on OS correctness for security Trust in hardware means less trust (or no) in OS –We need to rethink operating system design

3 3 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Rethinking the Role of the OS A traditional OS performs both resource management and protection for applications –But now applications and OS are mutually suspicious –But applications don’t trust OS to access their code and data –OS must be able to interrupt applications Use XOM (eXecute Only Memory) as an example platform –New operating system is called XOMOS XOMOS is UNIX-like, port of IRIX 6.5 –Should support most standard UNIX applications

4 4 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 XOM Hardware Architecture XOM is implemented as a set of ISA extensions XOM Processor implements compartments for protection –Each compartment has a unique XOM ID –Architectural tags to control access to data on-chip –Cryptographic mechanisms protect data off-chip XOM Processor executes encrypted code –Combination of asymmetric/symmetric ciphers –Private key embedded on-chip hardware

5 5 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Entering Secure Execution Applications Enter and Exit secure execution via instructions Encrypted Symmetric Key Encrypted Code (sym) Executable Code Symmetric Decryption Module XOM Processor Main Memory Unencrypted Code Enter XOMExit XOM Private Key XOM Key Table Asymmetric Decryption Module Currently executing XOM ID and Key

6 6 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Implementing Compartments XOM Processor OS ???Data Register 3 Program TagData Register 1 TagData Register 3 Program TagData Register 1 Problem: How does OS save registers during a trap or interrupt? ! TagData Register 3 Program TagData Register 1 !

7 7 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 XOMOS Overview Implement XOM CPU in SimOS hardware simulator –MIPS-based architecture with XOM ISA extensions Ported the IRIX 6.5 Operating System to run on XOM processor Main areas that need modification: –Resource management of secure data Saving Registers on Interrupt, Memory Management –Need support for XOM Key Table Loading/Unloading, Management –Compatibility with original system Fork, Signal Handling, Shared Libraries/System Calls

8 8 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Saving Registers OS uses save register instruction DataTag OS XOM ID Look up program key based on Tag XOM Key Table Encrypt Data Data Store encrypted data and hash to memory Hash Enlarge the exception frame to store hash and XOM ID

9 9 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Protecting and Managing Memory Applications use secure store instruction DataTag RegistersCaches Memory DataTag Secure Store: Tag is copied from register to cache XOM Key Table Writeback: Look up Tag, Encrypt and Hash Data Hash Relocate data and hashes together

10 10 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 An OS Fork must be differentiated from a Replay Attack –Replay Attack: OS duplicates registers and replays them –Fork: OS must duplicate register set and restore them Revoke and regenerate register keys on every interrupt This hardware defense breaks traditional fork code Replay Attacks and Fork Reg B Reg A OS saves registers Reg A Replay register value Time 1 Time 2 (Same Register) Reg A OS restores registers

11 11 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Naïve Fork Implementation Parent and Child are exactly the same, have the same XOM ID Problem: Both threads use the same register key XOM Processor Process Parent Register Key ! ChildParent Fork

12 12 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Fork Solution OS must allocate a new XOM ID for child process –Child has a separate XOM ID and register key Process XOM ID Process Pre-fork: Allocate a new XOM Key Table Entry XOM ID Child Parent Fork: Child uses one XOM ID, the Parent uses other XOM ID

13 13 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 XOM Performance Simulation The SimOS Simulator: –Performance modeling processor, caches, memory and disk Simulation Parameters –Memory latency increases 10% due to encryption Based on AES (Rijndael) cipher implementation –Public key decryption: 400,000 cycles Once per process creation

14 14 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Operating System Overhead OS overhead due to poor cache behavior: –More cache misses due to bigger code/data footprint –Should check to see if OS needs to do extra work Work is only needed if application is in compartment Total CyclesCache Misses IRIXXOMOVIRIXXOMOV System Call5.7K6.3K11%4.25.633% Signal Handling31K40K27%38.448.326% Fork138K126K-9%103510582%

15 15 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 End-to-end Application Overhead Applications use Enter/Exit XOM to execute sections securely –How large to make secure sections? –Executing in compartment has memory access overhead –Entering/leaving compartment can cause cache misses Different compartment sizes: granularities –3 levels: Coarse, Fine, Super-Fine –Applications are MPEG Decode and RSA Encryption

16 16 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Application Overhead Turns out that granularity has little impact on performance overhead! Overheads for most applications turn out to be less than 5% –If cache behavior is similar Coarse application has smallest effect on cache behavior

17 17 Implementing an Untrusted Operating System on Trusted HardwareDavid Lie SOSP 2003 Conclusions Possible to construct an Untrusted Operating System –Modest modifications Port required 1900 lines of low level code –Modifications limited to low level interface to the hardware Able to support most traditional OS mechanisms Performance hit is modest (< 5%) –Can run applications completely inside compartment As long as cache behavior is unaffected –This is because of hardware acceleration

Download ppt "1 Implementing an Untrusted Operating System on Trusted Hardware David Lie Chandramohan A. Thekkath Mark Horowitz University of Toronto, Microsoft Research,"

Similar presentations

Operating Systems Components of OS

Operating Systems Components of OS
More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.

More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.
Overcoming an UNTRUSTED COMPUTING BASE: Detecting and Removing Malicious Hardware Automatically Matthew Hicks Murph Finnicum Samuel T. King University.

Overcoming an UNTRUSTED COMPUTING BASE: Detecting and Removing Malicious Hardware Automatically Matthew Hicks Murph Finnicum Samuel T. King University.
CPU Review and Programming Models CT101 – Computing Systems.

CPU Review and Programming Models CT101 – Computing Systems.
Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.

Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.

TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
Secure In-VM Monitoring Using Hardware Virtualization Monirul Sharif, Wenke Lee, Weidong Cui, and Andrea Lanzi Presented by Tyler Bletsch.

Secure In-VM Monitoring Using Hardware Virtualization Monirul Sharif, Wenke Lee, Weidong Cui, and Andrea Lanzi Presented by Tyler Bletsch.
1 Specifying and Verifying Hardware Support for Copy and Tamper-Resistant Software David Lie, John Mitchell, Chandramohan Thekkath and Mark Horowitz Computer.

1 Specifying and Verifying Hardware Support for Copy and Tamper-Resistant Software David Lie, John Mitchell, Chandramohan Thekkath and Mark Horowitz Computer.
1 Architectural Support for Copy and Tamper- Resistant Software David Lie Computer Systems Laboratory Stanford University.

1 Architectural Support for Copy and Tamper- Resistant Software David Lie Computer Systems Laboratory Stanford University.
Implementing an Untrusted Operating System on Trusted Hardware.

Implementing an Untrusted Operating System on Trusted Hardware.
Architectures for Secure Processing Matt DeVuyst.

Architectures for Secure Processing Matt DeVuyst.
Presented By Srinivas Sundaravaradan. MACH µ-Kernel system based on message passing Over 5000 cycles to transfer a short message Buffering IPC L3 Similar.

Presented By Srinivas Sundaravaradan. MACH µ-Kernel system based on message passing Over 5000 cycles to transfer a short message Buffering IPC L3 Similar.
Architectural Support for Operating Systems. Announcements Most office hours are finalized Assignments up every Wednesday, due next week CS 415 section.

Architectural Support for Operating Systems. Announcements Most office hours are finalized Assignments up every Wednesday, due next week CS 415 section.
Introduction to Kernel

Introduction to Kernel
Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.

Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.
Virtual Memory and Paging J. Nelson Amaral. Large Data Sets Size of address space: – 32-bit machines: 2 32 = 4 GB – 64-bit machines: 2 64 = a huge number.

Virtual Memory and Paging J. Nelson Amaral. Large Data Sets Size of address space: – 32-bit machines: 2 32 = 4 GB – 64-bit machines: 2 64 = a huge number.
Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and Mark.

Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and Mark.
Secure Embedded Processing through Hardware-assisted Run-time Monitoring Zubin Kumar.

Secure Embedded Processing through Hardware-assisted Run-time Monitoring Zubin Kumar.
Protection and the Kernel: Mode, Space, and Context.

Protection and the Kernel: Mode, Space, and Context.
Review of Memory Management, Virtual Memory CS448.

Review of Memory Management, Virtual Memory CS448.

Similar presentations

Ads by Google