DOI: 10.1145/2660267.2660316
research-article

PixelVault: Using GPUs for Securing Cryptographic Operations

Published: 03 November 2014

Abstract

Protecting the confidentiality of cryptographic keys in the event of partial or full system compromise is crucial for containing the impact of attacks. The Heartbleed vulnerability of April 2014, which allowed the remote leakage of secret keys from HTTPS web servers, is an indicative example. In this paper we present PixelVault, a system for keeping cryptographic keys and carrying out cryptographic operations exclusively on the GPU, which allows it to protect secret keys from leakage even in the event of full system compromise. This is possible by exposing secret keys only in GPU registers, keeping PixelVault's critical code in the GPU instruction cache, and preventing any access to both of them from the host. Due to the non-preemptive execution mode of the GPU, an adversary that has full control of the host cannot tamper with PixelVault's GPU code, but only terminate it, in which case all sensitive data is lost. We have implemented a PixelVault-enabled version of the OpenSSL library that allows the protection of existing applications with minimal modifications. Based on the results of our evaluation, PixelVault not only provides secure key storage using commodity hardware, but also significantly speeds up the processing throughput of cryptographic operations for server applications.

Published In

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security
November 2014
1592 pages
ISBN: 9781450329576
DOI: 10.1145/2660267
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. gpu
  2. isolation
  3. ssl/tls
  4. tamper resistance
  5. trusted execution

Qualifiers

  • Research-article

Conference

CCS'14

Acceptance Rates

CCS '14 Paper Acceptance Rate 114 of 585 submissions, 19%;
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
