kth.sePublications
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Generating Optimized and Secure Binary Code
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Software and Computer systems, SCS.ORCID iD: 0000-0002-8345-2752
2023 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The increased digitalization of modern societies has resulted in a proliferation of a broad spectrum of embedded devices, ranging from personal smartphones and heart pacemakers to large-scale industrial IoT systems. Since they often handle various sensitive data, these devices increasingly become the targets of cyberattacks that threaten the integrity of personal data, financial security, and sometimes even people’s safety.

A common source of security vulnerabilities in computing systems is software. Nowadays, the vast majority of embedded software is written in high-level programming languages and compiled to low-level assembly code using general-purpose compilers. However, general-purpose compilers typically ignore security aspects and mainly focus on improving performance and reducing the code size. Meanwhile, the security-targeting compilers often produce code that is suboptimal with respect to performance. This security-performance gap is particularly detrimental for embedded devices that are usually battery-operated and hence, have stringent restrictions on memory size and power consumption.

Among the most frequently carried out cyberattacks are code-reuse attacks. They insert data into the victim system via memory-corruption vulnerabilities to redirect the control flow and hijack the system. Automatic software diversification is an efficient mitigation approach against code-reuse attacks, however, it typically does not allow us to explicitly control of the introduced performance overhead.

Another large class of attacks is side-channel attacks. Such attacks often target cryptographic implementations and aim at extracting the information about the processed data by recording side-channel information, such as the execution time or the power consumption of the victim system. Typically, protection against side-channel attacks relies on software-based mitigations, which may lead to high performance overhead. An attacker that attempts to hijack the victim system may use either or both of these attacks and hence, often multiple mitigations have to be combined together to protect a system.

This dissertation proposes Secure-by-Construction Optimization (Sec-Opt), a constraint-based approach that combines performance goals with security mitigations. More specifically, SecOpt achieves performance-aware automatic code diversification against code-reuse attacks, while it generates highly-optimized code that preserves software mitigations against side-channel attacks. A key advantage of SecOpt is composability, namely the ability to combine conflicting mitigations and generate code that preserves these mitigations. In particular, SecOpt generates diverse code variants that are secure against side-channel attacks, therefore protecting against both code-reuse and side-channel attacks.

SecOpt features unique characteristics compared to conventional compiler-based approaches, including performance-awareness and mitigation composability in a formal framework. Since the combined security and performance goals are especially important for resource-constrained systems, SecOpt constitutes a practical approach for optimizing performance- and security-critical code for embedded devices.
Abstract [sv]

Den ökande digitaliseringen av det moderna samhället har orsakat snabb spridning av ett brett utbud av inbyggda system, allt från smarta mobiltelefoner och hjärtstimulatorer, till storskaliga industriella IoT system. Dessa datorenheter blir allt oftare mål för cyberangrepp som hotar den personliga integriteten, den ekonomiska säkerheten och ibland även människors säkerhet.

En vanlig källa till säkerhetssårbarheter i datasystem är mjukvara. Nu för tiden är majoriteten av mjukvaran för inbyggda system skriven i högnivåprogrammeringsspråk som kompileras till maskinkod med hjälp av konventionella kompilatorer. Dessa kompilatorer tar ofta inte hänsyn till säkerhetsaspekter i programmets källkod och fokuserar istället på att förbättra prestanda och reducera kodstorlek. Samtidigt producerar säkerhetsinriktade kompilatorer ofta kod som är suboptimal med avseende på prestanda. Denna diskrepans mellan säkerhet och prestanda är problematisk för inbyggda system med stränga restriktioner vad gäller minnesanvändning och energiförbrukning.

Kodåteranvändningsattacker är en av de vanligaste typer av cyberangrepp. Dessa cyberangrepp injicerar data i det angripna systemet, via en minneskorruptionssårbarhet, som ger möjlighet att dirigera om mjukvarans kontrollflöde och kapa systemet. Automatiserad mjukvarudiversifiering är en effektiv skyddsåtgärd mot kodåteranvändningsattacker men nuvarande metoder tillåter inte explicit styrning av prestandaförsämringen. En annan stor cyberangreppsklass är sidokanalsattacker. Dessa cyberangrepp riktas ofta mot kryptografiska implementeringar och syftar till att utvinna säkerhetsviktig information som berör den behandlade datan. Angriparen läser av sidokanalsinformation under programmets exekvering, såsom exekveringstid eller energiförbrukning. Vanliga skyddsåtgärder mot sidokanalsattacker är mjukvaruåtgärder, som dessvärre kan leda till stor prestandaförsämring. En angripare som försöker kapa ett system kan använda en eller flera metoder för att utföra dessa cyberangrepp. Därför måste ofta olika skyddsåtgärder kombineras för att skydda ett system.

Denna avhandling introducerar Säker-vid-Konstruktion Kodoptimering (SecOpt), en villkorsbaserad kompileringsmetod som kombinerar prestandamål med skyddsåtgärder. Närmare bestämt utför SecOpt prestandamedveten automatisk diversifiering mot kodåteranvändningsattacker och genererar optimerad kod som bibehåller mjukvaruåtgärder mot sidokanalsattacker. SecOpts nykelegenskap är dess möjlighet att kombinera motstridiga skyddsåtgärder på ett sätt som bevarar dessa skyddsåtgärders egenskaper. Mer specifikt skapar SecOpt mångfaldiga kodvarianter som uppfyller säkerhetskrav mot sidokanalsattacker, vilket skyddar både mot kodåteranvändningsattacker och sidokanalsattacker.

SecOpt har unika egenskaper jämfört med konventionella kompileringsmetoder, såsom prestandamedvetenhet och komponering av olika skyddsåtgärder i ett formellt ramverk. Kombinationen av säkerhets- och prestandamål är särskilt viktig för resursbegränsade inbyggda system. Sammanfattningsvis är SecOpt en praktisk metod för att optimera säkerhetskritisk kod
Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2023. , p. 185
Series
TRITA-EECS-AVL ; 2023:44
Keywords [en]
constraint programming, code optimization, secure compilation, side-channel attacks, code-reuse attacks, software security
Keywords [sv]
villkorsprogrammering, kodoptimering, säker kompilering, sidokanalsattacker, kodåteranvändningsattacker, mjukvarusäkerhet
National Category
Computer Systems
Research subject
Information and Communication Technology; Information and Communication Technology
Identifiers
URN: urn:nbn:se:kth:diva-326717ISBN: 978-91-8040-591-1 (print)OAI: oai:DiVA.org:kth-326717DiVA, id: diva2:1756115
Public defence
2023-06-07, https://kth-se.zoom.us/j/65880566532, Sal F3, Lindstedtsvägen 26/28, Kungliga Tekniska Högskolan, Stockholm, 13:00 (English)
Opponent
Supervisors
Note

QC 20230516

Available from: 2023-05-11 Created: 2023-05-10 Last updated: 2025-01-17Bibliographically approved
List of papers
1. Constraint-Based Software Diversification for Efficient Mitigation of Code-Reuse Attacks
Open this publication in new window or tab >>Constraint-Based Software Diversification for Efficient Mitigation of Code-Reuse Attacks
2020 (English)In: Lect. Notes Comput. Sci., Springer Science and Business Media Deutschland GmbH , 2020, p. 791-808Conference paper, Published paper (Refereed)
Abstract [en]

Modern software deployment process produces software that is uniform, and hence vulnerable to large-scale code-reuse attacks. Compiler-based diversification improves the resilience and security of software systems by automatically generating different assembly code versions of a given program. Existing techniques are efficient but do not have a precise control over the quality of the generated code variants. This paper introduces Diversity by Construction (DivCon), a constraint-based compiler approach to software diversification. Unlike previous approaches, DivCon allows users to control and adjust the conflicting goals of diversity and code quality. A key enabler is the use of Large Neighborhood Search (LNS) to generate highly diverse assembly code efficiently. Experiments using two popular compiler benchmark suites confirm that there is a trade-off between quality of each assembly code version and diversity of the entire pool of versions. Our results show that DivCon allows users to trade between these two properties by generating diverse assembly code for a range of quality bounds. In particular, the experiments show that DivCon is able to mitigate code-reuse attacks effectively while delivering near-optimal code (optimality gap). For constraint programming researchers and practitioners, this paper demonstrates that LNS is a valuable technique for finding diverse solutions. For security researchers and software engineers, DivCon extends the scope of compiler-based diversification to performance-critical and resource-constrained applications.
Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH, 2020
Keywords
Code-reuse attacks, Compiler-based software diversification, Constraint programming, Embedded systems, Application programs, Benchmarking, Computer programming, Computer software reusability, Constraint theory, Economic and social effects, Number theory, Optimal systems, Optimization, Program compilers, Quality control, Benchmark suites, Constraint-based, Diverse solutions, Large neighborhood search, Precise control, Software deployment, Software systems, Codes (symbols)
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-285330 (URN)10.1007/978-3-030-58475-7_46 (DOI)2-s2.0-85091315219 (Scopus ID)
Conference
7 September 2020 through 11 September 2020
Funder
Swedish Foundation for Strategic Research, trustfull
Note

QC 20201201

Available from: 2020-12-01 Created: 2020-12-01 Last updated: 2024-01-10Bibliographically approved
2. Constraint-based Diversification of JOP Gadgets
Open this publication in new window or tab >>Constraint-based Diversification of JOP Gadgets
2021 (English)In: The journal of artificial intelligence research, ISSN 1076-9757, E-ISSN 1943-5037, Vol. 72, p. 1471-1505Article in journal (Refereed) Published
Abstract [en]

Modern software deployment process produces software that is uniform, and hence vulnerable to large-scale code-reuse attacks, such as Jump-Oriented Programming (JOP) attacks. Compiler-based diversification improves the resilience and security of software systems by automatically generating different assembly code versions of a given program. Existing techniques are efficient but do not have a precise control over the quality, such as the code size or speed, of the generated code variants. This paper introduces Diversity by Construction (DivCon), a constraint-based compiler approach to software diversification. Unlike previous approaches, DivCon allows users to control and adjust the conflicting goals of diversity and code quality. A key enabler is the use of Large Neighborhood Search (LNS) to generate highly diverse assembly code efficiently. For larger problems, we propose a combination of LNS with a structural decomposition of the problem. To further improve the diversification efficiency of DivCon against JOP attacks, we propose an application-specific distance measure tailored to the characteristics of JOP attacks. We evaluate DivCon with 20 functions from a popular benchmark suite for embedded systems. These experiments show that DivCon's combination of LNS and our application-specific distance measure generates binary programs that are highly resilient against JOP attacks (they share between 0.15% to 8% of JOP gadgets) with an optimality gap of <= 10%. Our results confirm that there is a trade-off between the quality of each assembly code version and the diversity of the entire pool of versions. In particular, the experiments show that DivCon is able to generate binary programs that share a very small number of gadgets, while delivering near-optimal code. For constraint programming researchers and practitioners, this paper demonstrates that LNS is a valuable technique for finding diverse solutions. For security researchers and software engineers, DivCon extends the scope of compiler-based diversification to performance-critical and resource-constrained applications.
Place, publisher, year, edition, pages
AI Access Foundation, 2021
Keywords
Application programs, Codes (symbols), Computer software reusability, Constraint programming, Constraint theory, Economic and social effects, Embedded systems, Optimal systems, Optimization, Quality control, Application specific, Assembly code, Binary programs, Code versions, Constraint-based, Deployment process, Distance measure, Large neighbourhood searches, Large-scales, Software deployment, Program compilers
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-307147 (URN)10.1613/JAIR.1.12848 (DOI)000739103700001 ()2-s2.0-85123375479 (Scopus ID)
Note

QC 20220118

Available from: 2022-01-18 Created: 2022-01-18 Last updated: 2023-05-10Bibliographically approved
3. Vivienne: Relational Verification of Cryptographic Implementations in WebAssembly
Open this publication in new window or tab >>Vivienne: Relational Verification of Cryptographic Implementations in WebAssembly
2021 (English)In: Proceedings - 2021 IEEE Secure Development Conference, SecDev 2021, Institute of Electrical and Electronics Engineers (IEEE), 2021, p. 94-102Conference paper, Published paper (Refereed)
Abstract [en]

We investigate the use of relational symbolic execution to counter timing side channels in WebAssembly programs.We design and implement VIVIENNE, an open-source tool toautomatically analyze WebAssembly cryptographic libraries forconstant-time violations. Our approach features various optimizations that leverage the structure of WebAssembly andautomated theorem provers, including support for loops viarelational invariants. We evaluate Vivienne on 57 real-worldcryptographic implementations, including a previously unverifiedimplementation of the HACL* library in WebAssembly. Theresults indicate that Vivienne is a practical solution for constanttime analysis of cryptographic libraries in WebAssembly.
Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2021
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-300966 (URN)10.1109/SecDev51306.2021.00029 (DOI)000797871400018 ()2-s2.0-85124348964 (Scopus ID)
Conference
2021 IEEE Secure Development Conference, SecDev 2021, Virtual, Online, 18 October 2021 through 20 October 2021
Projects
TrustFullJointForce
Funder
Wallenberg AI, Autonomous Systems and Software Program (WASP)Swedish Foundation for Strategic ResearchSwedish Research Council
Note

QC 20220610

Part of proceedings: ISBN 978-166543170-5

Available from: 2021-09-03 Created: 2021-09-03 Last updated: 2023-05-10Bibliographically approved
4. Securing Optimized Code Against Power Side Channels
Open this publication in new window or tab >>Securing Optimized Code Against Power Side Channels
2023 (English)Conference paper, Published paper (Refereed)
Abstract [en]

Side-channel attacks impose a serious threat to cryptographic algorithms, including widely employed ones, such as AES and RSA. These attacks take advantage of the algorithm implementation in hardware or software to extract secret information via side channels. Software masking is a mitigation approach against power side-channel attacks aiming at hiding the secret-revealing dependencies from the power footprint of a vulnerable implementation. However, this type of software mitigation often depends on general-purpose compilers, which do not preserve non-functional properties. Moreover, microarchitectural features, such as the memory bus and register reuse, may also leak secret information. These abstractions are not visible at the high-level implementation of the program. Instead, they are decided at compile time. To remedy these problems, security engineers often sacrifice code efficiency by turning off compiler optimization and/or performing local, post-compilation trans-formations. This paper proposes Secure by Construction Code Generation (SecCG), a constraint-based compiler approach that generates optimized yet protected against power side channels code. SecCG controls the quality of the mitigated program by efficiently searching the best possible low-level implementation according to a processor cost model. In our experiments with twelve masked cryptographic functions up to 100 lines of code on Mips32 and ARM Thumb, SecCG speeds up the generated code from 77% to 6.6 times compared to non-optimized secure code with an overhead of up to 13% compared to non-secure optimized code at the expense of a high compilation cost. For security and compiler researchers, this paper proposes a formal model to generate power side channel free low-level code. For software engineers, SecCG provides a practical approach to optimize performance critical and vulnerable cryptographic implementations that preserve security properties against power side channels.
Keywords
compilation, power side-channel attacks, code optimization, software masking, constraint programming
National Category
Computer Systems Embedded Systems
Identifiers
urn:nbn:se:kth:diva-326720 (URN)
Conference
36th IEEE Computer Security Foundations Symposium
Note

QC 20230522

Available from: 2023-05-09 Created: 2023-05-09 Last updated: 2025-01-17Bibliographically approved
5. Thwarting Code-Reuse and Side-Channel Attacks in Embedded Systems
Open this publication in new window or tab >>Thwarting Code-Reuse and Side-Channel Attacks in Embedded Systems
(English)Manuscript (preprint) (Other academic)
Abstract [en]

Embedded devices are increasingly present in our everyday life. They often process critical information and hence, rely on cryptographic protocols to achieve security. However, embedded devices remain particularly vulnerable to attackers seeking to hijack their operation and extract sensitive information by exploiting side channels and code reuse. Code-Reuse Attacks (CRAs) can steer the execution of a program to malicious outcomes, leveraging existing on-board code without direct access to the device memory. Moreover, Side-Channel Attacks (SCAs) may reveal secret information to the attacker based on mere observation of the device. Thwarting CRAs and SCAs against embedded devices is especially challenging because embedded devices are usually resource constrained. Fine-grained code diversification can hinder CRAs by introducing uncertainty to the binary code; while software mechanisms can thwart timing or power SCAs. The resilience to either attack may come at the price of the overall efficiency. Moreover, a unified approach that preserves these mitigations against both CRAs and SCAs is not available. In this paper, we propose a novel Secure Diversity by Construction (SecDivCon) approach that tackles this challenge. SecDivCon is a combinatorial compiler-based approach that combines software diversification against CRAs with software mitigations against SCAs. SecDivCon restricts the performance overhead introduced by the generated code that thwarts the attacks and hence, offers a secure-by-design approach enabling control over the performance-security trade-off. Our experiments, using 16 benchmark programs, show that SCA-aware diversification is effective against CRAs, while preserving SCA mitigation properties at a low, controllable overhead. Given the combinatorial nature of our approach, SecDivCon is suitable for small, performance-critical functions that are sensitive to SCAs. SecDivCon may be used as a building block to whole-program code diversification or in a re-randomization scheme of cryptographic code.
Keywords
compiler-based mitigation, software diversification, software masking, constant-resource programming, secure compilation
National Category
Computer Systems Embedded Systems
Identifiers
urn:nbn:se:kth:diva-326722 (URN)
Note

QC 20230511

Available from: 2023-05-09 Created: 2023-05-09 Last updated: 2025-01-17Bibliographically approved

Open Access in DiVA

Kappa(756 kB)327 downloads
File information
File name FULLTEXT05.pdfFile size 756 kBChecksum SHA-512
cd2af0b4fea637d321d573bdfaef4a76077c3c0c69aaca947ffefae180d5565a568e4c1c77d0cef587c8e8217205659e61bb8f39eb8b8b455649f168a82674e3
Type fulltextMimetype application/pdf

Authority records

Tsoupidi, Rodothea Myrsini

Search in DiVA

By author/editor
Tsoupidi, Rodothea Myrsini
By organisation
Software and Computer systems, SCS
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 327 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 919 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.46.0
|
WCAG
|
KTH Library
|
DiVA support
|
Register in DiVA
|
Posting your thesis
|
SwePub