2001 — 2004
Lee, Ruby
Instruction Set Architecture For Pervasive Security
This research investigates core architectural features for secure and private communications and computations over the public Internet and wireless infrastructures. It focuses on what instruction-set architecture (ISA) features general-purpose processors would have, if secure information processing is the default pervasive mode of operation, with non-secure processing the optional mode, rather than vice versa. It proposes ISA features for very fast, flexible, software cryptographic processing, not only for current algorithms but also to enable algorithm designers to create new cryptographic algorithms that are more secure and more efficient. Word-oriented, programmable processors can be radically more effective for cryptographic functions with new instructions for sub-word manipulations, as well as for multi-word arithmetic. Novel bit permutation instructions are proposed for providing superior diffusion capabilities for current and future symmetric key algorithms. Their performance, area and latency tradeoffs, and scalability with superscalar organizations are studied. Very fast table lookup and other ISA features are also studied for algorithms like Rijndael, the recent Advanced Encryption Standard winner, and for public-key algorithms like Elliptic Curve Cryptography. The research also investigates architectural features for secure key management, and other ISA features designed to enhance or enforce system security.
2002 — 2005
Lee, Ruby
Architectural Solutions For Preventing Distributed Denial of Service Attacks
Denial of service attacks flood a web-site with so many requests that it can no longer respond. Computers connected to the Internet are vulnerable to being used unwittingly in mounting a distributed denial of service (DDoS) attack on a victim web-site. Past countermeasures based on software patches or re-compilation are often ignored by users, leaving many systems vulnerable. This research first proposes a classification of the various denial of service attacks and countermeasures, then defines architectural solutions in the core (non-optional) hardware and software of future machines.
The vulnerabilities of computers, which allow DDoS attack networks to be set up, are studied. Low overhead architectural features in the core hardware of computers are investigated which hinder attack networks from being set up in the first place, or detect and prevent the execution of potentially hostile code. Malicious parties often employ buffer overflow attacks to gain entry to a computer by corrupting procedure return addresses. This research investigates features like a secure return address stack (SRAS) in the processor architecture as a new defense against such buffer overflow exploits. The proposed research approach is unique in providing defenses in the client platforms rather than only in the servers or routers, and in building more trusted architecture in the core hardware, rather than only in software layers. Since application code need not be changed nor re-compiled, both legacy and future software can enjoy the security benefits of hardware architectural solutions. Since DDoS attacks pose a serious threat to the availability of critical Internet services, this research can contribute to the overall security of the Internet while increasing the trust that owners may have in their interconnected information appliances.
2003 — 2007
Jha, Niraj (co-PI); Lee, Ruby
Itr: Architectures and Design Methodologies For Secure Low-Power Embedded Systems
Embedded systems, for example in information appliances and networked sensors, face some of the most demanding security concerns - they are resource constrained while frequently needing to handle sensitive information in physically insecure environments. Security processing can easily overwhelm the limited computation and memory resources of embedded processors, especially with the escalation in the amount of data to be processed and the data rates of high-speed networks. This "performance gap" is compounded by the "battery gap", which is the disparity between energy requirements and slow improvements in battery technology, for secure low-power embedded systems.
This project is an inter-disciplinary study of several core technologies that will enable the design of secure, low-power embedded systems. It spans the fields of security, cryptographic algorithms, embedded processor architecture, computer arithmetic, low power design, and enabling design methodologies and tools. It addresses the performance, energy and security requirements, and their tradeoffs, in embedded processors and systems. The research goals include a comprehensive analysis of the performance requirements and power consumption for security in embedded systems. The project is developing efficient architectures for security processing in low-power embedded systems, including configurable security modules for system-on-chip designs, and architectural guidelines for tiny cryptographic processors for embedded systems. The performance, power and security tradeoffs based on customizations at the protocol, cryptographic algorithm, and hardware and software implementation levels are studied. Design methodology and tools include processor design tools to facilitate the design of new security processing architectures based on open frameworks such as the PLX (hosted at Princeton) and SimpleScalar toolkits. The project explores domain-specific design methodologies that jointly co-design security protocols and processing architectures to meet the required security, performance and power priorities and constraints.
The research enables the design of embedded systems with higher levels of security, while achieving an order of magnitude or more in performance and battery life, compared to conventional approaches. Broad security impacts are expected for embedded system design, in addition to impact for future research and education. Results are disseminated to industry through the Princeton Architecture Lab for Multimedia and Security (PALMS) and the NJCST Center for Embedded System-on-a-Chip Design. The research results are being woven into graduate and undergraduate courses.
2005 — 2010
Lee, Ruby; Chiang, Mung (co-PI)
Collaborative Research: Securecore For Trustworthy Commodity Computing and Communications
The SecureCore project will investigate and design a secure integrated core architecture for trustworthy operation of mobile computing devices consisting of: a security-aware general-purpose processor, a small security kernel and a small set of essential secure communications protocols. The research will use a "clean slate" approach to define a minimal set of fundamental architectural features required for such a secure core, for use in resource-constrained, ubiquitous computing platforms exemplified by secure embedded systems (e.g., computer in a heart monitor), pocket devices (e.g., contact-less smart card), and mobile computing devices (e.g., handheld web-enabled computer). This approach shows what is possible when security is designed in at the beginning rather than added as an after-thought. It also changes the design paradigm from an emphasis on performance to one on trustworthy, dependable operation. The goal is to achieve the desired security levels without compromising performance, size, cost, energy consumption, or usability. Threat models will be re-examined in the new context of continuously networked commodity devices and Internet-scale epidemics such as DDoS, worms and viruses. The broader impact is to provide the scientific basis for trustworthy computing, communications and storage in pervasive computing environments. SecureCore impact will be immense if its architecture influences the design of future trustworthy commodity products, as well as the curriculum for computer hardware and software engineering education.
2009 — 2013
Lee, Ruby
Shf: Small: Rethinking Computer Architecture For Secure and Resilient Systems
Our society, economy and national security are critically dependent on computers and computing devices. With a few hops, commodity computers and mobile phones can be connected to secret or sensitive information or to critical infrastructures. However, mainstream commodity computers have not been designed with security in mind, for the last three or more decades. Rather, they have been designed to improve performance, energy efficiency, cost or size, with security added on as an after-thought. While some specialized secure computers have been built, up to now, one had to sacrifice performance (or cost and convenience) for security. In this research, the PI plans to explore what is feasible if we allow ourselves a clean-slate design, where security is a first-class goal, on par with performance and other goals. The investigation will rethink computer architecture from first principles to significantly improve both the security and the performance of future computers.
The research has two thrusts: how to design computer architecture to enable more secure software and systems, and how to design computer hardware components that are themselves more trustworthy. The PI will develop a new threat-based design methodology for computer architecture, examining how to build security awareness into the design of each basic aspect of computing. New architectural foundations for secure processing, secure memories, secure caches, secure virtual memory translation, secure storage, and secure control flow will be developed. The research will focus on providing the cornerstones of security: Confidentiality and Integrity of critical information, and Availability, in the sense of resilient attestation and execution of security-critical tasks even when parts of the system may have been corrupted. The solutions will also consider hardware attacks, in addition to the software and network attacks considered by software security solutions and the current state-of-the-art hardware TPM (Trusted Platform Module) solution.
The intellectual contributions of this research will be new architectural foundations, and a new dimension of "threat-based design" in the research and development of all future computers. The broader impact of this research is to provide core security technology that can be built into commodity computing devices and their servers. These can be used in computer, communications, control, entertainment and embedded systems to build significantly more secure systems that will provide a leap forward in information and cyber security, benefiting our society.
2011 — 2014
Lee, Ruby; Sethumadhavan, L
Enhancing Interdisciplinary Research in Security and Computer Architecture Via Tutorial At Fcrc
This award supports student participation in tutorials on security issues at the hardware design layer, in order to expand the pool of scientists qualified to pursue research topics in this area.
2012 — 2017
Lee, Ruby
Csr: Small: Cloud Security On Demand
Cloud computing provides many benefits including convenience, consolidation, compatibility, and cost-reduction. However, security is a major concern, since cloud resources are shared with other users who may be adversarial. The goal of this research is to define a framework for security-on-demand: cloud customers can request the security they need and cloud providers can map these security requests to the appropriate secure servers. Since customers have different security needs, a range of threat models is explored together with servers with different security capabilities. Research contributions include (1) new strategies for measuring cloud server security capabilities, and (2) new hardware-software mechanisms for collecting runtime trust evidence that a server is enforcing a customer's requested security policy. (3) Secure protocols are designed for collecting and reporting server security capabilities to cloud management software, as well as (4) a hardware-software security verification methodology to verify these protocols, using model checking and other tools. (5) Novel actionable models of cloud servers' security properties that can be matched to customers' requests are implemented by new trust monitoring and policy enforcement modules. Also, (6) hardware mechanisms and migration protocols for secure Virtual Machine migration to improve cloud security are designed. The broader impact of this work includes providing greater security in cloud computing for customers, allowing cloud providers to differentiate their offerings with security provisioning using different secure server architectures, enabling the specification and provisioning of customized and verifiable security, and providing a research platform for investigating secure hardware and software architecture in a cloud environment.
2015 — 2018
Lee, Ruby
Starss: Small: Collaborative: Practical and Scalable Security Verification of Security-Aware Hardware Architectures
Computers form the backbone of any modern society, and often process large amounts of sensitive and private information. To help secure the software, and the sensitive data, a number of secure hardware-software and processor architectures have been proposed. These architectures incorporate novel protection and defense mechanisms directly in the hardware where they cannot be modified or bypassed, unlike software protections. However, due to lack of practical and scalable security verification tools and methodologies, very few of the proposed hardware security architectures have been commercially deployed. This project develops a security verification methodology that is applicable to different hardware-software security architectures.
This project develops security invariants and a methodology that hardware architects can deploy to check the security properties of their architectures in a scalable and semi-automated manner. The methodology is applied to verify hardware-enhanced isolation architectures and architectures that minimize the attack surface in cloud computing. Verification of a secure cache's resistance to cache side-channel attacks is also investigated. Researchers and designers will have a new method to systematically check their designs, and to show others the conditions under which they work. Hardware manufacturers will gain the assurance needed to actually implement these security architectures in real products. In turn, customers will gain assurance about the secure hardware that protects their computations running on their devices or on virtual machines running on remote cloud servers. Security architectures are important to customers and hardware manufacturers; however, security verification is needed to make them a reality.
2018 — 2021
Lee, Ruby
Satc: Starss: Small: Collaborative: Design and Security Verification of Next-Generation Open-Source Processors
This project will develop new open-source processor architectures with advanced security features. The security features will be added to existing open-source processors to help protect the confidentiality and integrity of data and to protect against side-channel attacks. Beyond the design, the project will also provide new methodology to verify the proposed security feature, to provide assurance that the processor hardware itself is provably secure.
The first thrust of the project focuses on side-channel protections, especially of processor caches, and other functional units that can be exploited to leak secret information. It further adds security counters and new means to protect trusted software modules. The second thrust focuses on the design of the security verification approaches for hardware, including the use of satisfiability modulo theories (SMT) based solvers and temporal logics.
If successful, this will make open-source processors and their applications more secure against attacks. It will enable the academic community to further develop and extend the capabilities of the open-source secure processor and further education in hardware security.
All artefacts developed by this project will be available online at http://caslab.csl.yale.edu/code/ or http://palms.ee.princeton.edu. The web sites will be maintained for the duration of the project and as long as the research groups involved in this project are active.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.