Qiang Yan, Jin Han, Yingjiu Li, R. Deng, Tieyan Li
{"title":"多核平台上基于软件的信任根原语","authors":"Qiang Yan, Jin Han, Yingjiu Li, R. Deng, Tieyan Li","doi":"10.1145/1966913.1966957","DOIUrl":null,"url":null,"abstract":"Software-based root-of-trust has been proposed to overcome the disadvantage of hardware-based root-of-trust, which is the high cost in deployment and upgrade (when vulnerabilities are discovered). However, prior research on software-based root-of-trust only focuses on uniprocessor platforms. The essential security properties of such software-based root-of-trust, as analyzed and demonstrated in our paper, can be violated on multicore platforms. Since multicore processors are becoming increasingly popular, it is imperative to explore the feasibility of software-based root-of-trust on them.\n In this paper, we analyze the challenges of designing software-based root-of-trust on multicore platforms and present two practical attacks that utilize the parallel computing capability to break the existing schemes. We then propose a timing-based primitive, called MT-SRoT, as the first step towards software-based root-of-trust on multicore platforms. MT-SRoT is able to ensure untam-pered execution of a critical security task, such as remote software attestation, on homogeneous shared-memory multicore platforms without the support of tamper-resistant hardware. We implement MT-SRoT and show its effectiveness on both Intel dual-core and quad-core processors.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2011-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"A software-based root-of-trust primitive on multicore platforms\",\"authors\":\"Qiang Yan, Jin Han, Yingjiu Li, R. Deng, Tieyan Li\",\"doi\":\"10.1145/1966913.1966957\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software-based root-of-trust has been proposed to overcome the disadvantage of hardware-based root-of-trust, which is the high cost in deployment and upgrade (when vulnerabilities are discovered). However, prior research on software-based root-of-trust only focuses on uniprocessor platforms. The essential security properties of such software-based root-of-trust, as analyzed and demonstrated in our paper, can be violated on multicore platforms. Since multicore processors are becoming increasingly popular, it is imperative to explore the feasibility of software-based root-of-trust on them.\\n In this paper, we analyze the challenges of designing software-based root-of-trust on multicore platforms and present two practical attacks that utilize the parallel computing capability to break the existing schemes. We then propose a timing-based primitive, called MT-SRoT, as the first step towards software-based root-of-trust on multicore platforms. MT-SRoT is able to ensure untam-pered execution of a critical security task, such as remote software attestation, on homogeneous shared-memory multicore platforms without the support of tamper-resistant hardware. We implement MT-SRoT and show its effectiveness on both Intel dual-core and quad-core processors.\",\"PeriodicalId\":72308,\"journal\":{\"name\":\"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-03-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1966913.1966957\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1966913.1966957","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A software-based root-of-trust primitive on multicore platforms
Software-based root-of-trust has been proposed to overcome the disadvantage of hardware-based root-of-trust, which is the high cost in deployment and upgrade (when vulnerabilities are discovered). However, prior research on software-based root-of-trust only focuses on uniprocessor platforms. The essential security properties of such software-based root-of-trust, as analyzed and demonstrated in our paper, can be violated on multicore platforms. Since multicore processors are becoming increasingly popular, it is imperative to explore the feasibility of software-based root-of-trust on them.
In this paper, we analyze the challenges of designing software-based root-of-trust on multicore platforms and present two practical attacks that utilize the parallel computing capability to break the existing schemes. We then propose a timing-based primitive, called MT-SRoT, as the first step towards software-based root-of-trust on multicore platforms. MT-SRoT is able to ensure untam-pered execution of a critical security task, such as remote software attestation, on homogeneous shared-memory multicore platforms without the support of tamper-resistant hardware. We implement MT-SRoT and show its effectiveness on both Intel dual-core and quad-core processors.