Ahmad et al., 2019 - Google Patents
OBFUSCURO: A commodity obfuscation engine on Intel SGXAhmad et al., 2019
View PDF- Document ID
- 9807572898849882412
- Author
- Ahmad A
- Joe B
- Xiao Y
- Zhang Y
- Shin I
- Lee B
- Publication year
- Publication venue
- Network and Distributed System Security Symposium
External Links
Snippet
Program obfuscation is a popular cryptographic construct with a wide range of uses such as IP theft prevention. Although cryptographic solutions for program obfuscation impose impractically high overheads, a recent breakthrough leveraging trusted hardware has shown …
- 230000002633 protecting 0 abstract description 18
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2123—Dummy operation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Ahmad et al. | OBFUSCURO: A commodity obfuscation engine on Intel SGX | |
| Moghimi et al. | Memjam: A false dependency attack against constant-time crypto implementations | |
| Brasser et al. | DR. SGX: Automated and adjustable side-channel protection for SGX using data location randomization | |
| US20210218547A1 (en) | Encoded stack pointers | |
| Yu et al. | Data oblivious ISA extensions for side channel-resistant and high performance computing | |
| Guanciale et al. | Cache storage channels: Alias-driven attacks and verified countermeasures | |
| Ahmad et al. | OBLIVIATE: A Data Oblivious Filesystem for Intel SGX. | |
| Liu et al. | Thwarting memory disclosure with efficient hypervisor-enforced intra-domain isolation | |
| Lapid et al. | Cache-attacks on the ARM TrustZone implementations of AES-256 and AES-256-GCM via GPU-based analysis | |
| Hu et al. | Data-oriented programming: On the expressiveness of non-control data attacks | |
| Henson et al. | Memory encryption: A survey of existing techniques | |
| Mohammad et al. | Dyfora: Dynamic firmware obfuscation and remote attestation using hardware signatures | |
| US10237059B2 (en) | Diversified instruction set processing to enhance security | |
| CN111865909A (en) | SGX side channel attack defense method, system, medium, program and application | |
| Brasser et al. | DR. SGX: hardening SGX enclaves against cache attacks with data location randomization | |
| Ahmad et al. | CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs. | |
| Oh et al. | Trustore: Side-channel resistant storage for sgx using intel hybrid cpu-fpga | |
| Brenna et al. | TFHE-rs: A library for safe and secure remote computing using fully homomorphic encryption and trusted execution environments | |
| Zankl et al. | Side-channel attacks in the internet of things: threats and challenges | |
| Guan et al. | Copker: a cryptographic engine against cold-boot attacks | |
| Mishra et al. | Modern hardware security: A review of attacks and countermeasures | |
| Banerjee et al. | SESAME: Software defined enclaves to secure inference accelerators with multi-tenant execution | |
| Bazm et al. | Side channels in the cloud: Isolation challenges, attacks, and countermeasures | |
| Papadopoulos et al. | No sugar but all the taste! memory encryption without architectural support | |
| Biernacki et al. | Sequestered encryption: A hardware technique for comprehensive data privacy |