Heterogeneous Isolated Execution for Commodity GPUs

Jang, Insu; Tang, Adrian; Kim, Taehoon; Sethumadhavan, Simha; Huh, Jaehyuk

doi:10.1145/3297858.3304021

Cited by 76 publications

(63 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, this extension may not practical for many other use cases [94]. Therefore, we are currently investigating GPU enclave research proposals, e.g., Graviton [94] and HIX [47] which proposed hardware extensions to provide a secure environment on GPUs.…”

Section: Gpus Supportmentioning

confidence: 99%

secureTF

Quoc

Gregor

Arnautov

et al. 2020

Proceedings of the 21st International Middleware Conference

View full text Add to dashboard Cite

Section: Gpus Supportmentioning

confidence: 99%

secureTF

Quoc

Gregor

Arnautov

et al. 2020

Proceedings of the 21st International Middleware Conference

View full text Add to dashboard Cite

“…In [49] the authors suggest to modify the GPU hardware to prevent the device driver from directly accessing GPU critical internal resources. In [29] the authors propose to use a custom interface between GPU and CPU and to extend the Intel SGX technology to execute the GPU device driver in a trusted environment that a privileged attacker cannot access. MemShield mitigates Cold Boot attacks, so it assumes that privileged users are trusted (consider that a privileged user might easily get a full memory dump without a Cold Boot attack).…”

Section: Related Workmentioning

confidence: 99%

MemShield: GPU-Assisted Software Memory Encryption

Santucci¹,

Ingrassia²,

Picierro

et al. 2020

Applied Cryptography and Network Security

View full text Add to dashboard Cite

Cryptographic algorithm implementations are vulnerable to Cold Boot attacks, which consist in exploiting the persistence of RAM cells across reboots or power down cycles to read the memory contents and recover precious sensitive data. The principal defensive weapon against Cold Boot attacks is memory encryption. In this work we propose MemShield, a memory encryption framework for user space applications that exploits a GPU to safely store the master key and perform the encryption/decryption operations. We developed a prototype that is completely transparent to existing applications and does not require changes to the OS kernel. We discuss the design, the related works, the implementation, the security analysis, and the performances of MemShield.

show abstract

“…Graviton [65] provides TEEs on GPUs using cryptographically secured communication, and relying on the GPU command processor to protect memory from other concurrently active contexts. HIX [23] extends an SGX-like design with support for secure MMIO to GPUs to enable enclave access to GPUs. Neither HIX or Graviton make communication patterns with the GPU data oblivious.…”

Section: Background and Related Workmentioning

confidence: 99%

“…It is natural to wonder if the protected enclaves on CPUs can be implemented for GPUs. HIX [23] extends an SGX design with a duplicate copy of all the memory protection hardware to enable the hardware to guarantee that a single enclave has exclusive access to MMIO regions exported by a GPU. This, in principle, defeats a malicious OS that wants to interpose or create its own mappings to them.…”

Section: Isolation On the Gpumentioning

confidence: 99%

Isolation and Beyond

Hunt

Jia

Miller

et al. 2019

Proceedings of the Workshop on Hot Topics in Operating Systems

View full text Add to dashboard Cite

System security has historically relied on hardware-provided isolation primitives. However, Meltdown [36] and Spectre [30] demonstrate that basic user/kernel isolation could be bypassed in every widely deployed ISA for decades; they are a caution to system designers who accept hardware isolation guarantees as an article of faith. Hardware isolation is fallible and should be considered fallible by software systems. We argue that future systems should broaden their view to adopt techniques that compensate for weaknesses in hardware isolation and should secure and optimize the communication among isolated components. Changing algorithms to be data oblivious, so that their externally observable behavior is independent of their (secret) input data is one such technique. Securing communication requires that the timing and size of messages be independent of secret data, but how best to achieve that independence so as to limit performance and energy overheads will vary from application to application. * CCS Concepts• Security and privacy → Systems security; Operating systems security;

show abstract

Heterogeneous Isolated Execution for Commodity GPUs

Cited by 76 publications

References 23 publications

secureTF

secureTF

MemShield: GPU-Assisted Software Memory Encryption

Isolation and Beyond

Contact Info

Product

Resources

About