[Colloquium] Sotiri Komissopoulos/MS Presentation - May 30, 2017
Borja Sotomayor via Colloquium
colloquium at mailman.cs.uchicago.edu
Tue May 16 19:12:50 CDT 2017
This is an announcement of Sotiri Komissopoulos’s MS Presentation.
===========================
Department of Computer Science
The University of Chicago
Date: Tuesday, May 30, 2017
Time: 4:00pm
Location: Young 302 (5555 S. Ellis Avenue)
Bx/MS Candidate: Sotiri Komissopoulos
MS Advisor: Ari Feldman
MS Paper Title: Autonomous Components Made Easy (ACME)
Abstract:
Many large-scale security breaches, including Heartbleed, are avoidable if sensitive data, such as a private key, is kept secure from misuse due to subversion of privileged software and hardware on the machine. One way to secure sensitive data in this way is to implement a policy that ensures the data is handled in a way prescribed at setup, i.e. by encrypting a private key and only decrypting it when it will be used to sign something. We formalize the notion of an autonomous component (AC), a pair (code, data) that, if allowed to run, implements a policy that cannot be subverted even by the owner of or privileged software on any machine involved in its execution.
Protecting data and computations in this way has been accomplished in the past by using Trusted Execution Environments (TEEs) in Hardware Security Modules (HSMs). Unfortunately, HSMs are not widely deployed and are hard to use, so it is difficult for most people to take advantage of ACs and their security properties. Intel’s Software Guard Extensions (SGX) solves part of this issue by providing a widely deployed method with which to create TEEs, but writing secure code for SGX can be difficult for unacquainted users. To help address this problem, we introduce ACME, a framework consisting of a scripting language and a language parser that helps users create ACs using SGX. ACME is built to be easy to use, expressive, and to have a small TCB (often just an SGX processor and code produced by the verifiable language parser). ACME supports for the creation of ACs for a number of common operations, including encrypting data locally or remotely or signing messages under a given private key, after certain users have been authenticated and/or at some relative or absolute time. These ACs can help ensure private keys are never accessible unencrypted or keep data protected by a weak password from ``smash and grab” attacks. To support the creation of ACs that require a notion of time, we also introduce a novel protocol, sgx_get_absolute_time, that leverages the Ethereum cryptocurrency’s blockchain to provide enclaves with an accurate absolute time. Finally, we present several questions for evaluating ACME as future work once the implementation is complete.
A draft copy of Sotiri’s MS paper will be available soon.
--
Borja Sotomayor
Senior Lecturer, Department of Computer Science
Associate Director for Academics, Masters Program in Computer Science
University of Chicago
http://csmasters.uchicago.edu/
http://people.cs.uchicago.edu/~borja/
More information about the Colloquium
mailing list