Sangho
Lee,
Postdoctoral
fellow
School
of
Computer
Science,
Georgia
Institute
of
Technology
Recently, hardware starts to adopt security mechanisms that satisfy both robustness and efficiency. One notable example is a hardware-based trusted execution environment (TEE), such as Intel Software Guard Extensions (SGX), that allows a user application to have a secure and isolated execution environment for confidential computations without relying on underlying systems software (e.g., operating system and hypervisor) and its administrators. However, recent studies have shown that existing hardware-based TEEs are vulnerable to side-channel attacks, making their overall security guarantees questionable.
In this talk, I will first show how side-channel attacks against hardware-based TEEs can accurately reveal secrets, such as private keys, from confidential computations by exploiting memory page faults and branch prediction behaviors. Then, I will explain our countermeasures against the attacks, which are based on program transformations and hardware primitives to identify suspicious page faults and obfuscate branch execution histories. Last, I will discuss my research plan to securely and effectively use hardware-assisted security mechanisms.
Bio: Sangho Lee is a postdoctoral fellow in Computer Science at Georgia Institute of Technology, working with Prof. Taesoo Kim and Prof. Wenke Lee. His research interests include all aspects of computer security, especially in systems and web security. His research discovered and solved many security problems in hardware, operating system, web browser, and online platform. His work was published in top-tier security, systems, and web conferences (IEEE S&P, USENIX Security, ACM CCS, ISOC NDSS, USENIX ATC, and WWW). He obtained his Ph.D. degree from POSTECH, Korea, in 2013, and worked as a postdoctoral research associate at POSTECH.