CS 598CLF: Secure Processor Design, Fall 2017

Instructor	Chris Fletcher cwfletch@illinois.edu
Location	Siebel ~~1103~~ 1105
Lecture Times	Tuesday and Thursday, 12:30pm - 1:45pm
Office	Siebel 4106
Office Hours	Wednesdays 3pm-4pm or by appointment

With the emergence of systems such as ARM Trustzone and Intel Software Guard Extensions, secure processors have become one of the next frontiers in secure systems design. Secure processors allow emerging applications (e.g., computation outsourcing) to be realized with a significantly smaller trusted computing base and/or significantly reduced performance overheads, relative to a "pure software" solution.

This course will bring students to the cutting-edge in secure processor architecture by examining the interplay between hardware, software and applied cryptography in these systems. The first several classes will feature lectures from the instructor: to give background on secure hardware systems from the standpoints of Computer Architecture and Applied Cryptography. The body of the course will be readings and discussion of top papers in the field. Course assignments will give students hands-on experience with the Intel Software Guard Extensions (SGX) SDK, building secure applications and evaluating their security. The end of semester will culminate in an original research project.

This class is primarily intended for students who would like to conduct secure systems research where hardware plays a first-class role. It will also appeal to students with a casual interest in this hot topic, or who want to do research in computer security generally.

Syllabus [pdf]

The information in the syllabus and on this course website is subject to change. Major changes will be recorded in the announcements below (please check frequently).

Announcements

10/7/17: Two updates to course documents: (1) Added guidelines for final project proposal to Oct 17th. (2) Updated to the lab document to consolidate all lab changes made in the last two weeks to Sept 19th. Also added SGX enclave hello world code to Sept 19th. For convenience, lab document changes are marked in red.
9/20/17: We are very fortunate to have Frank McKeen (inventor and lead architect of Intel SGX) come and give a talk on October 19th (during normal class time). Mark your calendar! Class will be held in Siebel 2405 so that more people can attend.
9/19/17: The hardware covert channel/SGX lab is now live! Please see the links on 9/19 in the below schedule.
9/8/17: Room change! We will meet in Siebel 1105 starting 9/12.
9/6/17: All papers have been assigned to all students who emailed me their preferences. Please email me if you do not see your name on this page. Note that several new papers have been assigned (see ***X will present Y***). Please read the stated papers by the stated day and send the usual summary/discussion questions for those new papers.
9/1/17: Unable to register for the course? Several students have reported to me that registration is closed (if you are trying to register, cannot, and haven't emailed me yet, please do so). Reg is closed because we are out of space in room 1103. I am trying to get a larger room and will post an update when I get a thumbs up/down.
8/29/17: Action items for day 1: Doodle your preferred final presentation times, email Chris your research area and the top 5 papers you would like to present. Reminder: [598CLF] in subject line please!
8/27/17: Website is up!

Calendar

Discussion papers count towards participation grade and will be the main topic each day. Other papers ("Additional reads") are recommended reading to get a more comprehensive picture for the day's topic.

	Intel SGX and Enclave Programming
Week 1
	Introduction/background			Discussion lead
	Aug 29	Lecture: Course introduction, syllabus, introduction to Secure Processors [Slides]	Additional reads: - On the Impossibility of Cryptography Alone for Privacy-Preserving Cloud Computing. Name says it all; also discussion of limitations in hardware.	Chris
	Aug 31	Lecture: Refresher: Computer Architecture [Slides]	Additional reads: - Intel SGX explained. Pages: 2-31, 42-50	Chris
Week 2
	Sept 5	Lecture: Refresher: Applied Crypto for Secure Processors [Slides]	Additional reads: - Intel SGX explained. Pages: 31-42	Chris
	Sept 7	Lecture: SGX Deep Dive [Slides]	*See also, Kamran's video recording of this lecture.* Additional reads: - Intel SGX explained. Pages: 50-118 - Innovative instructions and software model for isolated execution. First paper describing SGX. - Using innovative instructions to create trustworthy software solutions. First paper discussing SGX usage. - Intel Software Guard Extensions (Intel SGX) Support for Dynamic Memory Management Inside an Enclave. First paper on SGX 2.0.	Chris
Week 3
	Sept 12	Enclave programming [Slides]	Discussion paper: - Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data. Additional reads: - Shielding Applications from an Untrusted Cloud with Haven. LibOS (heavyweight) granularity enclaves. - SCONE: Secure Linux Containers with Intel SGX. Container (featherweight) granularity enclaves. - PANOPLY: Low-TCB Linux Applications with SGX Enclaves. POSIX-API (leightweight) granularity enclaves. - Glamdring: Automatic Application Partitioning for Intel SGX. Automatic application partitioning to enclaves.	John Alsop
	Sept 14	Enclave foundations [Slides]	Discussion paper: - A Formal Foundation for Secure Remote Execution of Enclaves. Additional reads: - Foundations of Hardware-Based Attested Computation and Application to SGX. Name says it all; focus is not on machine checkable proofs.	Riccardo Paccagnella
Week 4
	Sept 19	Virtual memory attacks [Slides]	*Hardware covert channel/SGX lab out. Lab document, starter code, hello world SGX enclave.* Discussion paper: - Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX. Additional reads: - Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. Nascent memory side-channels on SGX.	Vincent Bindschaedler
	Shared Resource Attacks and Defenses
	Sept 21	Shared resource attacks [Slides1, Slides2]	*Paul and Elizabeth will present DRAMA and Cache storage channels back to back, then we will discuss both. Please read/summarize both for the class..* Discussion paper: - Cache Storage Channels: Alias-Driven Attacks and Verified Countermeasures. - DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. Like a cache timing attack, but on DRAM. Additional reads: - FLUSH+RELOAD: a High Resolution, Low Noise, L3 Cache Side-Channel Attack. A more gentle introduction to cache timing attacks.	Paul Murley, Elizabeth Reed
Week 5
	Sept 26	Application-level attacks from shared resource attacks [Slides]	Discussion paper: - Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. Additional reads: - The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications. Launch a cache timing attack on any machine, from the browser.	Azin Heidarshenas
	Sept 28	Co-location in a cloud environment [Slides1, Slides2]	*Serif Yesil will present Cross-Tenant... in the second half of lecture.* Discussion paper: - Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. - Cross-Tenant Side-Channel Attacks in PaaS Clouds. Two for one: more information on co-location; a new model for launching application-level attacks (not histogram based).	Bingzhe Liu, Serif Yesil
Week 6
	Oct 3	Hardware mitigations to shared resource attacks [Slides]	Discussion paper: - Secure Hierarchy-Aware Cache Replacement Policy (SHARP): Defending Against Cache-Based Side Channel Atacks. Additional reads: - New cache designs for thwarting software cache-based side channel attacks. The first HW-based proposals for defeating cache-based timing attacks.	Mengjia Yan
	Oct 5	Software mitigations to shared resource attacks [Slides]	Discussion paper: - Raccoon: Closing Digital Side-Channels through Obfuscated Execution. Scaling instruction-level obliviousness to handle program memory (also on commodity machines).	Jake Bailey
Week 7
	Oct 10	Language support to prevent shared resource attacks [Slides]	Discussion paper: - Caisson: A Hardware Description Language for Secure Information Flow. Additional reads: - A Hardware Design Language for Timing-Sensitive Information-Flow Security. SecVerilog: language enhancements for timing attack-awareness in Verilog HDL.	Giordano Salvador
	Oct 12	Software mitigations to shared resource attacks (redux) [Slides]	Discussion paper: - Oblivious Multi-Party Machine Learning on Trusted Processors.	Abdulrahman Mahmoud
Week 8
	Oct 17	Class cancelled - Chris out at MICRO	*Final project proposals due. Proposal guidelines.*
	Oct 19	Guest Lecture: Frank McKeen, Intel (inventor and lead architect of Intel SGX)
Week 9
	Bootstrapping trust
	Oct 24	Authentication [Slides]	*Lab due.* Discussion paper: - Silicon physical random functions. Additional reads: - Enhanced privacy id from bilinear pairing. Design of Intel SGX's EPID authentication scheme.	Jose Rodrigo Sanchez
	Oct 26	Sources of randomness [Slides]	Discussion paper: - Power-up SRAM State as an Identifying Fingerprint and Source of True Random Numbers. Additional reads: - FPGA-based True Random Number Generation using Circuit Metastability with Adaptive Feedback Control. Name says it all; how to extract randomness from low-level circuit behaviors.	Sze Chuen Tan
Week 10
	Isolation Potpourri
	Oct 31	Application-level isolation ala TXT [Slides]	Discussion paper: - Flicker: An Execution Infrastructure for TCB Minimization.	Tianyuan Liu
	Nov 2	Pre/post-cursors to SGX [Slides1, Slides2]	*Adel will present Sanctum in the second half of lecture.* Discussion paper: - Scalable architectural support for trusted software. - Sanctum: Minimal Hardware Extensions for Strong Software Isolation. Additional reads: - SurfNoC: A Low Latency and Provably Non-Interfering Approach to Secure Networks-On-Chip. Simple and effective throughout optimizations for NoC non-interference (in some sense finer-grain than Sanctum).	Dimitrios Skarlatos, Adel Ejjeh
Week 11
	Memory Attacks and Defenses (of the code injection variety)
	Nov 7	Memory corruption overview [Slides]	Discussion paper: - SoK: Eternal War in memory. Additional reads: - If you liked the SoK, see its many related papers on CFI, DFI, etc.	Wajih Hassan
	Nov 9	Lightweight hardware protections [Slides]	Discussion paper: - HDFI: Hardware-Assisted Data-Flow Isolation.	Ben Schreiber
Week 12
	Nov 14	Heavierweight hardware protections [Slides]	Discussion paper: - Watchdog: Hardware for Safe and Secure Manual Memory Management and Full Memory Safety. Additional reads: - Architectural Support for Software-Defined Metadata Processing. More flexible (but heavier weight) take on in-HW instruction-level checking than Watchdog. - Beyond the PDP-11: Architectural support for a memory-safe C abstract machine. CHERI project's (clean slate design) take on supporting memory safety in C.	Hadi Asghari-Moghaddam
	Nov 16	Project checkpoint - in class presentations
Week 13
	Nov 21	No class - thanksgiving
	Nov 23	No class - thanksgiving
Week 14
	Physical Attacks and Defenses
	Nov 28	Differential X analysis [Slides1, Slides2]	*Omri Mor will present Beyond the PDP-11... in the second half of lecture.* Discussion paper: - Differential Power Analysis. Additional reads: - Differential Fault Analysis of Secret Key Cryptosystems. Companion classic paper; based on fault injection.	Omri Mor, Hyun Bin
	Nov 30	Hardware trojans [Slides]	Discussion paper: - A2: Analog Malicious Hardware. Additional reads: - Hardware Trojan Attacks: Threat Analysis and Countermeasures. Survey for hardware trojans. - Verifiable ASICs. Assume HW is untrustworthy, ala verified outsourced computation.	Adam Auten
Week 15
	Dec 5	Attacks on DRAM [Slides1, Slides2]	*Thomas Yurek will present Lest we forget... in the second half of lecture.* Discussion paper: - Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript. - Lest We Remember: Cold Boot Attacks on Encryption Keys. A modern look at cold boot attacks.	Apostolos Kokolis, Thomas Yurek
	Dec 7	External memory protection [Slides]	Discussion paper: - Design and Implementation of the Ascend Secure Processor. - Ascend Whitepaper. Additional reads: - A Memory Encryption Engine Suitable for General Purpose Processors. Design of Intel SGX's memory encryption engine (MEE). - CaSE: Cache-Assisted Secure Execution on ARM Processors. How to build an MEE in software on ARM processors.	Kartik Hegde
Week 16
	Dec 12	On-chip memory protection [Slides]	Discussion paper: - Inspection Resistant Memory: Architectural Support for Security from Physical Examination.	Jiyong Yu
	Dec 14	(READING DAY, NO CLASS)	*Final project due (11:59p).*
December 13, 7-9p: Final project presentations. Location TBA.

Texts, books, resources

Grading

Grading (4 credits):

35%: Class participation and paper reading
- 10%: present and lead the paper discussion for 1-2 papers
- 20%: 2 papers per week, submit discussion question + 500 word summary for each
- 5%: in-class participation
15%: Assignments
- 15%: SGX programming assignment
50%: Final project
- 10%: project proposal
- 10%: first checkpoint (5-minute presentation before Thanksgiving)
- 25%: Final project writeup + artifact (if applicable)
- 5%: Final presentation

Academic Integrity

https://www.ece.illinois.edu/academics/grad/overview/general-info.asp "The faculty of the Department of Electrical and Computer Engineering expects all students to maintain academic integrity at all times in the classroom and the research laboratory and to conduct their academic work in accordance with the highest ethical standards of the engineering profession. Students are expected to maintain academic integrity by refraining from academic dishonesty, and by refraining from conduct which aids others in academic dishonesty or which leads to suspicion of academic dishonesty. Violations of academic integrity will result in disciplinary actions ranging from failing grades on assignments and courses to probation, suspension or dismissal from the University."

Ethics statement

This is a course in computer security, and as such we will discuss several "attack" techniques that, if applied in the real world, could be used to compromise the security of others. This course also involves hands-on interaction with peer-to-peer computer networks and virtual currency systems, to which numerous laws and regulations are applicable. It is your responsibility not to run afoul of laws, regulations, or ethical standards. If in doubt please contact me (the instructor).

The above information is subject to change.