Research project with Jeremy Erickson. We designed and built a cryptographic library using Intel Software Guard Extensions (SGX) to provide security gaurantees for services and applications deployed on SGX enabled Intel hardware in untrusted virtual cloud environments. Our cryptographic library is compild as a shared object and can be dynamically linked with any Linux C/C++ application. Jalapeno performs security critical operations, such as key generation, key storage, encryption and decryption, in an SGX enclave. Jalapeno is currently targeted at supporting TLS opperations and includes the following operations: 256-bit elliptic curve key generation, TLS pre-master (using ECDHE to provide perfect forward secrecy)and master secret generation, generation of TLS session keys, and AES128-GCM encryption/decryption functions. We are currently expanding Jalapeno's capabilities and plan to publically release it soon. We demonstrate that using Jalapeno with security critical applications, like Apache or NGINX, in virtualized cloud environments can prevent attack vectors we previsouly explored in our project "Subverting the Linux RNG via the Xen Hypervisor" below.
Cyber-physical systems depend on sensors to make automated decisions. Resonant acoustic injection attacks are already known to cause malfunctions by disabling MEMS-based gyroscopes. However, an open question remains on how to move beyond denial of service attacks to achieve full adversarial control of sensor outputs. Our work investigates how analog acoustic injection attacks can damage the digital integrity of a popular type of sensor: the capacitive MEMS accelerometer. Spoofing such sensors with intentional acoustic interference enables an out-of-spec pathway for attackers to deliver chosen digital values to microprocessors and embedded systems that blindly trust the unvalidated integrity of sensor outputs. Our contributions include (1) modeling the physics of malicious acoustic interference on MEMS
accelerometers, (2) discovering the circuit-level security flaws that cause the vulnerabilities by measuring acoustic injection attacks on MEMS accelerometers as well as systems that employ on these sensors, and (3) two software-only defenses that mitigate many of the risks to the integrity of MEMS accelerometer outputs.
We characterize two classes of acoustic injection attacks with increasing levels of adversarial control: output biasing and output control. We test these attacks against 20 models of capacitive MEMS accelerometers from 5 different manufacturers. Our experiments find that 75% are vulnerable to output biasing, and 65% are vulnerable to output control. To illustrate end-to-end implications, we show how to inject fake steps into a Fitbit with a $5 speaker. In our self-stimulating attack, we play a malicious music file from a smartphone's speaker to control the on-board MEMS accelerometer trusted by a local app to pilot a toy RC car. In addition to offering hardware design suggestions to eliminate the root causes of insecure amplification and filtering, we introduce two low-cost software defenses that mitigate output biasing attacks: randomized sampling and 180o out-of-phase sampling. These software-only approaches mitigate attacks by exploiting the periodic and predictable nature of the malicious acoustic interference signal. Our results call into question the wisdom of allowing microprocessors and embedded systems to blindly trust that hardware abstractions alone will ensure the integrity of sensor outputs.
Course project with Jeremy Erickson and Andrew Quinn. Built attacks to programmatically control the output of /dev/random and /dev/urandom, as well as the generation of private keys for Diffie-Hellman key exchanges in Apache2/OpenSSL from the hypervisor, without modification to the Virtual Machine. Explored artifacts of these attacks and proposed detection methods to combat use in the wild.
Course project with Jeremy Erickson and Ofir Weisse. We designed an alternative to Split TLS, demonstrated on top of the QUIC protocol, that uses the mechanism of leaking the session key in real-time to the network gateway to allow network traffic introspection while maintaining end-to-end encryption between the client and server.
As a new Ph.D. student working with Kevin Fu I had a simple task: spend a month reimplementing a recent published security paper. The idea was to learn how to do computer security research, and to pick up new technical knowledge and skills. I chose to reimplement Rocking Drones, an interesting acoustic side channel attack against MEMS gyroscope sensors that uses intentional acoustic interference to disrupt gyroscopes sensors on board drones, effectively causing them to crash.