BIND: A FINE-GRAINED ATTESTATION SERVICE FOR SECURE DISTRIBUTED SYSTEMS Presented by: Maryam Alipour-Aghdam University of Guelph
Feb 23, 2016
BIND: A FINE-GRAINED ATTESTATION SERVICE FOR
SECURE DISTRIBUTED SYSTEMS
Presented by:Maryam Alipour-AghdamUniversity of Guelph
2
OVERVIEW Motivation BIND Overview BIND Interface BIND Properties Application of BIND
3
OVERVIEW Motivation BIND Overview BIND Interface BIND Properties Application of BIND
4
MOTIVATION To securing distributed systems To address issues such as:
difficulty in verification of hash due to variability in software verification and configuration
to address the time of use and the time of
discrepancy the code may be correct at the attestation time and
compromised at the use time.
5
OVERVIEW Motivation BIND Overview BIND Interface BIND Properties Application of BIND
6
BIND OVERVIEW
Security issue Byzantine attack: A remote software platform may
be compromised and run malicious code.
The purpose of using code attestation identify what software is running on a remote
platform
detect a corrupted participant
7
BIND OVERVIEW BIND Proposed Properties
perform fine-grained attestation BIND attests only the piece of code instead of entire
memory content
narrows the gap between time-of-attestation and
time-of-use measures a piece of code immediately before it executed
use a sand boxing mechanism to protect the execution of
attested code
ties the code attestation with the data that the
code produces
8
BIND OVERVIEW Distributed system model:
Process
Data
Intermediary
9
BIND OVERVIEW Distributed system model:
Process a producer or consumer of data represent program logic a piece of software code which needs to be attested *
Data information exchange between the processes Primitive data : external input to distributed systems Derived data :
output of some process generated by applying protocol logic over some input data
10
BIND OVERVIEW Distributed system model:
Intermediary medium over which data is communicated from/to a
process
network that forward the data between hosts
operating system that dispatches the data to the process
hard drive or any part of RAM outside the process
11
BIND OVERVIEW
PCP BP A
LocalConfiguration
LocalConfiguratio
n
LocalConfigurati
on
1.1.1.1 2.2.2.2 3.3.3.3
Ping 3.3.3.3 -t 10Dest= 3.3.3.3,TTL=10
Dest= 3.3.3.3,TTL=9
PongPongPong
Figure 1. Simple Ping: The conceptual model for distributed protocols
12
BIND OVERVIEW
Figure 1. Simple Ping: The conceptual model for distributed protocols
13
BIND OVERVIEW
Figure 1. Simple Ping: The conceptual model for distributed protocols
14
BIND OVERVIEW
Figure 1. Simple Ping: The conceptual model for distributed protocols
15
BIND OVERVIEW
Figure 1. Simple Ping: The conceptual model for distributed protocols
16
BIND OVERVIEW
Figure 1. Simple Ping: The conceptual model for distributed protocols
17
BIND OVERVIEW
Figure 1. Simple Ping: The conceptual model for distributed protocols
18
BIND OVERVIEW Ping-Pong Protocol:
Process PA, PB, and PC which runs on host A, B, and C
Data User command (primitive data) Ping pong messages (derived data) Local IP address of each host (primitive data)
Intermediaries network and operating system
19
BIND OVERVIEW Security problems in distributed systems Byzantine attacker model:
Malicious intermediary and the data misuse attack
Malicious process and the data falsification attack
20
BIND OVERVIEW Security problems in distributed systems Byzantine attacker model:
Malicious intermediary and the data misuse attack Threats:
alter and inject protocol data data misuse attack which use authenticated protocol
data in a malicious way Solution:
employ cryptography constructions Example: message authentication code, digital
signature
21
BIND OVERVIEW Security problems in distributed systems Byzantine attacker model:
Malicious process and the data falsification attack Threats:
Injecting bogus data into the distributed systems (data falsification attack)
Traditional cryptography can not be used As malicious process has the correct cryptography keys
to disguise itself as a legitimate participant Example: a malicious process can modify the TTL field in
a ping message.
22
BIND OVERVIEW Attestation Design Consideration
Coarse-grained attestation Attestation over entire software platforms
Fine-grained attestation attestation over a critical piece of code
create distinction between process and intermediary
to enable the notion of granularity in attestation
to create boundary between what code is being attested to and what is
not
both process and intermediary exist in the form of software code in reality
23
BIND OVERVIEW Attestation Design Consideration
Fine-grained attestation properties
simplifies hash verification
perform software upgrade more easily as expected hash for
each process can be updated independently
allow distributed system architect to focus on the security of
critical module by singling it out form a complicated system
does not address intermediary attacks
24
BIND OVERVIEW Desired Properties of BIND Attestation Service
should be free of all software attacks
process is correct at load-time
needs to be efficient
25
BIND OVERVIEW Process and Data Integrity
Defining Process and Data Integrity
process is a piece of code (process)
when the data is primitive and is genuine (data integrity)
the data is derived by running a genuine process over
genuine data inputs (data integrity)
26
BIND OVERVIEW Techniques to ensure the integrity of primitive data
Semantic Check Example: A distributed scientific computing application checks if an
input matrix is well-formed.
Certificates use a central trusted authority to sign certificate for primitive data
Trusted Path use trusted path mechanisms for input data to make sure the data
came from an authenticated user
27
BIND OVERVIEW Techniques to ensure the integrity of process and derived
data Authenticator
is produced by BIND
Generates a process for every piece of data
Is attached to data through its life-time
Example: when the data is sent over the network, or stored and
fetched from local untrusted storage
28
OVERVIEW Motivation BIND Overview BIND Interface BIND Properties Application of BIND
29
BIND INTERFACE
1. Initiate an attestation phase2. Memory addresses of the process input data3. Size of process code
4. receiving the ATTESTATION-INIT request5. Verifies authenticator on input data
6. Hashes the process code along with input data7. If above step successful, yields control to the processor with a success indicator
30
BIND INTERFACE
1. In response to ATTESTATION-COMPLETE command2. BIND computes an authentication tag over3. an output data
4. a hash of the process code5. Authentication tag binds the output data with the code that has generated it.
6. BINDs undoes the protection it has set up for the protection. 7. BINDs returns the authenticator to the process.
31
OVERVIEW Motivation BIND Overview BIND Interface BIND Properties Application of BIND
32
BIND PROPERTIESFine-grained Attestation:
ATTESTATION-INIT indicate the beginning of process ATTESTATION-COMPLETE indicates the end of process
Binding Process and Data Integrity derived data builds on the integrity of its generating
process integrity of a processes and data are inseparable from
each other in DC
33
BIND PROPERTIESTransitive Integrity Verification
BINDs achieves this property with O(1) overhead.
Efficient TPM’s hardware-based cryptography engine is
utilized to enable fast cryptography computations
needed for attestation.
34
BIND PROPERTIES
Trusted Platform Module (TPM)
35
BIND PROPERTIESTPM in Attestation Overview
The signature on the input data is validated through
public signing key of TPM that signed the input data
Secure Kernel (SK) sends the output data to be signed
by TPM.
SK utilizes the TPM’ s hashing and digital signature
functionalities.
36
BIND PROPERTIES A Symmetric Key Alternative
Asymmetric key cryptography has high computational overhead
A secret MAC key should be established between two TPMs.
TPM’ s SHA-1 function instantiate a MAC between TPMs. The key should be sealed in TPM’s memory and should
be remained invisible to untrusted party Example: application code, peripheral devices
37
BIND PROPERTIES A Symmetric Key Alternative
The key are unsealed to the SK upon time of use which used by SK
to verify the MAC on input data compute the MAC over output data and the hash of process
code secret key remain in SK’s memory for a controlled period of time after usage the secret key should be destroyed SK should be executed in a globally uninterrupted manner to
prevent untrusted OS Kernel form reading off the secret key information
38
BIND PROPERTIES A Symmetric Key Alternative
Diffie-Hellman for key exchange in BIND
K−1 (A) is private signing key for TPMAThe signing pair (K-1 (A), KA) is created inside TPM SHA-1 functionality presents MAC function using the TPM
39
OVERVIEW Motivation BIND Overview BIND Interface BIND Properties Application of BIND
40
APPLICATION OF BIND Securing distributed computation applications with BIND
master / slave structure master splits the job to tasks and send them to slaves
(participants). master process asks BIND to sign a task description before
sending slaves ask local BIND to verify the integrity of task description computation results be will signed by BIND along with an
integrity proof of the participant process master check whether the result is trustworthy after the results
reported to the master.
41
APPLICATION OF BINDo BIND properties in distributed computing application Deterministic Guarantee
BIND guarantees what code has been run in generating the result.
General BIND is applicable to all types of distributed computation
application. regardless of what function we want to compute
Efficient For BIND, the entire code is measured only once regardless of how
many times each instruction executed.
42
APPLICATION OF BIND BGP Overview
Border Gateway Protocol (BGP) a path vector routing protocol establishing a path to each existing prefix Autonomous System (AS) is a collection of routers under
one administrative domain. In BGP, neighbouring Ases exchange prefix information
through BGP Update messages. A BGP update message consists of a prefix along with a
ASPATH.
43
APPLICATION OF BIND Attacks Against BGP
Prefix theft: unauthorized prefix announcement ASPATH falsification in BGP update messages Both attacks attract traffic to a point in the network
that would otherwise not receive the traffic. blackhole attack: allows an attacker to control packets
that it would otherwise have no control over.
44
APPLICATION OF BIND Securing BGP using BIND
two main mechanisms we need to secure BGP verify the correctness of the origin of the prefix prevent a malicious AS from altering the ASPATH prefix is categorized as primitive data prefix integrity: we adopt the known certificate
approach, where a prefix owner obtains a prefix certificate from a trusted authority.
45
APPLICATION OF BIND Securing BGP using BIND
use attestation for ASPATH use BIND interface for attestation create a trusted attestation service in each router ASPATH is cryptographically protected by a message
authentication code
46
CONCLUSION fine-grained attestation technique narrow the time of use and time of attestation establishes a trusted environment for
distributed systems simplify the design of distributed system a hardware design base of BIND is considered
for future work
47
Thank you