Applications written in C/C++ are prone to memory corruption, which
allows attackers to extract secrets or gain control of the system.
With the rise of strong control-flow hijacking defenses,
non-control data attacks have become the dominant threat. As
vulnerabilities like Heartbleed have shown, such attacks are
equally devastating.
Data Confidentiality and Integrity (DCI) is a low-overhead
non-control-data protection mechanism for systems software. DCI
augments the C/C++ programming languages with annotations, allowing
the programmer to protect selected data types. The DCI compiler and
runtime system prevent illegal reads (confidentiality) and writes
(integrity) to instances of these types. The programmer selects
types that contain security critical information such as passwords,
cryptographic keys, or identification tokens. Protecting only this
critical data greatly reduces performance overhead relative to
complete memory safety.
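The following sketch is an added illustration of the DCI idea described above; it is not DataShield's code. It assumes a simplified layout in which annotated (sensitive) types are allocated from one arena and all other data from another, and a runtime check (hypothetical name `dci_check_normal_access`) that refuses any access through a non-sensitive pointer that would leave the normal arena, so a Heartbleed-style over-read can never reach a protected key.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Two disjoint arenas (constructed for this sketch): one holds instances of the
 * programmer-annotated, sensitive types, the other holds everything else. */
#define ARENA_SIZE 256
static unsigned char sensitive_arena[ARENA_SIZE], normal_arena[ARENA_SIZE];
static size_t sensitive_top, normal_top;

/* Bump allocator; the compiler would route annotated types to the sensitive
 * arena and all other allocations to the normal arena. */
static void *arena_alloc(unsigned char *arena, size_t *top, size_t n) {
    if (n > ARENA_SIZE - *top) return NULL;
    void *p = arena + *top;
    *top += n;
    return p;
}
void *dci_alloc_sensitive(size_t n) { return arena_alloc(sensitive_arena, &sensitive_top, n); }
void *dci_alloc_normal(size_t n)    { return arena_alloc(normal_arena, &normal_top, n); }

/* Check for an access through a pointer the compiler classified as
 * non-sensitive: [p, p+n) must lie entirely inside the normal arena, so the
 * access can never touch an instance of a protected type. Returns 1 if allowed. */
int dci_check_normal_access(const void *p, size_t n) {
    uintptr_t lo = (uintptr_t)normal_arena, a = (uintptr_t)p;
    return a >= lo && a - lo <= ARENA_SIZE && n <= ARENA_SIZE - (a - lo);
}

/* Heartbleed-shaped copy: the length comes from untrusted input. The read check
 * enforces confidentiality, the write check enforces integrity. */
int copy_record(unsigned char *dst, const unsigned char *record, size_t claimed_len) {
    if (!dci_check_normal_access(record, claimed_len)) return -1;  /* over-read refused */
    if (!dci_check_normal_access(dst, claimed_len)) return -1;     /* over-write refused */
    memcpy(dst, record, claimed_len);
    return 0;
}

/* A 16-byte key sits in the sensitive arena; a 32-byte record and 64-byte reply
 * buffer sit in the normal arena. Returns 1 when the honest copy succeeds and
 * the over-long one is refused before it can run past the record. */
int demo(void) {
    unsigned char *key = dci_alloc_sensitive(16);
    unsigned char *record = dci_alloc_normal(32), *reply = dci_alloc_normal(64);
    if (!key || !record || !reply) return 0;
    memset(key, 0xAA, 16);
    memcpy(record, "hello", 5);
    return copy_record(reply, record, 5) == 0 && copy_record(reply, record, 1024) == -1;
}
```

Only accesses through non-sensitive pointers are checked coarsely here; the abstract's point is that confining checks to the boundary around selected types is what keeps the overhead far below full memory safety.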
Our prototype implementation of DCI, DataShield, shows the
applicability and efficiency of our approach. For SPEC CPU2006, the
performance overhead is at most 16.34%. For our case studies, we
instrumented mbedTLS, astar, and libquantum to show that our
annotation approach is practical. The overhead of our SSL/TLS
server is 35.7% with critical data structures protected at all
times. Our security evaluation shows DataShield mitigates a
recently discovered vulnerability in mbedTLS.