-
Laminator: Verifiable ML Property Cards using Hardware-assisted Attestations
Authors:
Vasisht Duddu,
Oskari Järvinen,
Lachlan J Gunn,
N Asokan
Abstract:
Regulations increasingly call for various assurances from machine learning (ML) model providers about their training data, training process, and model behavior. For better transparency, industry (e.g., Huggingface and Google) has adopted model cards and datasheets to describe various properties of training datasets and models. In the same vein, we introduce the notion of inference cards to describ…
▽ More
Regulations increasingly call for various assurances from machine learning (ML) model providers about their training data, training process, and model behavior. For better transparency, industry (e.g., Huggingface and Google) has adopted model cards and datasheets to describe various properties of training datasets and models. In the same vein, we introduce the notion of inference cards to describe the properties of a given inference (e.g., binding of the output to the model and its corresponding input). We coin the term ML property cards to collectively refer to these various types of cards.
To prevent a malicious model provider from including false information in ML property cards, they need to be verifiable. We show how to construct verifiable ML property cards using property attestation, technical mechanisms by which a prover (e.g., a model provider) can attest to various ML properties to a verifier (e.g., an auditor). Since prior attestation mechanisms based purely on cryptography are often narrowly focused (lacking versatility) and inefficient, we need an efficient mechanism to attest different types of properties across the entire ML model pipeline.
Emerging widespread support for confidential computing has made it possible to run and even train models inside hardware-assisted trusted execution environments (TEEs), which provide highly efficient attestation mechanisms. We propose Laminator, which uses TEEs to provide the first framework for verifiable ML property cards via hardware-assisted ML property attestations. Laminator is efficient in terms of overhead, scalable to large numbers of verifiers, and versatile with respect to the properties it can prove during training or inference.
△ Less
Submitted 5 March, 2025; v1 submitted 25 June, 2024;
originally announced June 2024.
-
Data-Oblivious ML Accelerators using Hardware Security Extensions
Authors:
Hossam ElAtali,
John Z. Jekel,
Lachlan J. Gunn,
N. Asokan
Abstract:
Outsourced computation can put client data confidentiality at risk. Existing solutions are either inefficient or insufficiently secure: cryptographic techniques like fully-homomorphic encryption incur significant overheads, even with hardware assistance, while the complexity of hardware-assisted trusted execution environments has been exploited to leak secret data.
Recent proposals such as BliMe…
▽ More
Outsourced computation can put client data confidentiality at risk. Existing solutions are either inefficient or insufficiently secure: cryptographic techniques like fully-homomorphic encryption incur significant overheads, even with hardware assistance, while the complexity of hardware-assisted trusted execution environments has been exploited to leak secret data.
Recent proposals such as BliMe and OISA show how dynamic information flow tracking (DIFT) enforced in hardware can protect client data efficiently. They are designed to protect CPU-only workloads. However, many outsourced computing applications, like machine learning, make extensive use of accelerators.
We address this gap with Dolma, which applies DIFT to the Gemmini matrix multiplication accelerator, efficiently guaranteeing client data confidentiality, even in the presence of malicious/vulnerable software and side channel attacks on the server. We show that accelerators can allow DIFT logic optimizations that significantly reduce area overhead compared with general-purpose processor architectures. Dolma is integrated with the BliMe framework to achieve end-to-end security guarantees. We evaluate Dolma on an FPGA using a ResNet-50 DNN model and show that it incurs low overheads for large configurations ($4.4\%$, $16.7\%$, $16.5\%$ for performance, resource usage and power, respectively, with a 32x32 configuration).
△ Less
Submitted 29 January, 2024;
originally announced January 2024.
-
Towards cryptographically-authenticated in-memory data structures
Authors:
Setareh Ghorshi,
Lachlan J. Gunn,
Hans Liljestrand,
N. Asokan
Abstract:
Modern processors include high-performance cryptographic functionalities such as Intel's AES-NI and ARM's Pointer Authentication that allow programs to efficiently authenticate data held by the program. Pointer Authentication is already used to protect return addresses in recent Apple devices, but as yet these structures have seen little use for the protection of general program data.
In this pa…
▽ More
Modern processors include high-performance cryptographic functionalities such as Intel's AES-NI and ARM's Pointer Authentication that allow programs to efficiently authenticate data held by the program. Pointer Authentication is already used to protect return addresses in recent Apple devices, but as yet these structures have seen little use for the protection of general program data.
In this paper, we show how cryptographically-authenticated data structures can be used to protect against attacks based on memory corruption, and show how they can be efficiently realized using widely available hardware-assisted cryptographic mechanisms. We present realizations of secure stacks and queues with minimal overall performance overhead (3.4%-6.4% slowdown of the OpenCV core performance tests), and provide proofs of correctness.
△ Less
Submitted 20 October, 2022;
originally announced October 2022.
-
BliMe: Verifiably Secure Outsourced Computation with Hardware-Enforced Taint Tracking
Authors:
Hossam ElAtali,
Lachlan J. Gunn,
Hans Liljestrand,
N. Asokan
Abstract:
Outsourced computing is widely used today. However, current approaches for protecting client data in outsourced computing fall short: use of cryptographic techniques like fully-homomorphic encryption incurs substantial costs, whereas use of hardware-assisted trusted execution environments has been shown to be vulnerable to run-time and side-channel attacks.
We present Blinded Memory (BliMe), an…
▽ More
Outsourced computing is widely used today. However, current approaches for protecting client data in outsourced computing fall short: use of cryptographic techniques like fully-homomorphic encryption incurs substantial costs, whereas use of hardware-assisted trusted execution environments has been shown to be vulnerable to run-time and side-channel attacks.
We present Blinded Memory (BliMe), an architecture to realize efficient and secure outsourced computation. BliMe consists of a novel and minimal set of instruction set architecture (ISA) extensions implementing a taint-tracking policy to ensure the confidentiality of client data even in the presence of server vulnerabilities. To secure outsourced computation, the BliMe extensions can be used together with an attestable, fixed-function hardware security module (HSM) and an encryption engine that provides atomic decrypt-and-taint and encrypt-and-untaint operations. Clients rely on remote attestation and key agreement with the HSM to ensure that their data can be transferred securely to and from the encryption engine and will always be protected by BliMe's taint-tracking policy while at the server.
We provide an RTL implementation BliMe-BOOM based on the BOOM RISC-V core. BliMe-BOOM requires no reduction in clock frequency relative to unmodified BOOM, and has minimal power ($<\!1.5\%$) and FPGA resource ($\leq\!9.0\%$) overheads. Various implementations of BliMe incur only moderate performance overhead ($8--25\%$). We also provide a machine-checked security proof of a simplified model ISA with BliMe extensions.
△ Less
Submitted 29 November, 2023; v1 submitted 20 April, 2022;
originally announced April 2022.
-
GrandDetAuto: Detecting Malicious Nodes in Large-Scale Autonomous Networks
Authors:
Tigist Abera,
Ferdinand Brasser,
Lachlan J. Gunn,
Patrick Jauernig,
David Koisser,
Ahmad-Reza Sadeghi
Abstract:
Autonomous collaborative networks of devices are rapidly emerging in numerous domains, such as self-driving cars, smart factories, critical infrastructure, and Internet of Things in general. Although autonomy and self-organization are highly desired properties, they increase vulnerability to attacks. Hence, autonomous networks need dependable mechanisms to detect malicious devices in order to prev…
▽ More
Autonomous collaborative networks of devices are rapidly emerging in numerous domains, such as self-driving cars, smart factories, critical infrastructure, and Internet of Things in general. Although autonomy and self-organization are highly desired properties, they increase vulnerability to attacks. Hence, autonomous networks need dependable mechanisms to detect malicious devices in order to prevent compromise of the entire network. However, current mechanisms to detect malicious devices either require a trusted central entity or scale poorly.
In this paper, we present GrandDetAuto, the first scheme to identify malicious devices efficiently within large autonomous networks of collaborating entities. GrandDetAuto functions without relying on a central trusted entity, works reliably for very large networks of devices, and is adaptable to a wide range of application scenarios thanks to interchangeable components. Our scheme uses random elections to embed integrity validation schemes in distributed consensus, providing a solution supporting tens of thousands of devices. We implemented and evaluated a concrete instance of GrandDetAuto on a network of embedded devices and conducted large-scale network simulations with up to 100000 nodes. Our results show the effectiveness and efficiency of our scheme, revealing logarithmic growth in run-time and message complexity with increasing network size. Moreover, we provide an extensive evaluation of key parameters showing that GrandDetAuto is applicable to many scenarios with diverse requirements.
△ Less
Submitted 1 August, 2023; v1 submitted 11 October, 2019;
originally announced October 2019.
-
Making Speculative BFT Resilient with Trusted Monotonic Counters
Authors:
Lachlan J. Gunn,
Jian Liu,
Bruno Vavala,
N. Asokan
Abstract:
Consensus mechanisms used by popular distributed ledgers are highly scalable but notoriously inefficient. Byzantine fault tolerance (BFT) protocols are efficient but far less scalable. Speculative BFT protocols such as Zyzzyva and Zyzzyva5 are efficient and scalable but require a trade-off: Zyzzyva requires only $3f + 1$ replicas to tolerate $f$ faults, but even a single slow replica will make Zyz…
▽ More
Consensus mechanisms used by popular distributed ledgers are highly scalable but notoriously inefficient. Byzantine fault tolerance (BFT) protocols are efficient but far less scalable. Speculative BFT protocols such as Zyzzyva and Zyzzyva5 are efficient and scalable but require a trade-off: Zyzzyva requires only $3f + 1$ replicas to tolerate $f$ faults, but even a single slow replica will make Zyzzyva fall back to more expensive non-speculative operation. Zyzzyva5 does not require a non-speculative fallback, but requires $5f + 1$ replicas in order to tolerate $f$ faults. BFT variants using hardware-assisted trusted components can tolerate a greater proportion of faults, but require that every replica have this hardware.
We present SACZyzzyva, addressing these concerns: resilience to slow replicas and requiring only $3f + 1$ replicas, with only one replica needing an active monotonic counter at any given time.
We experimentally evaluate our protocols, demonstrating low latency and high scalability. We prove that SACZyzzyva is optimally robust and that trusted components cannot increase fault tolerance unless they are present in greater than two-thirds of replicas.
△ Less
Submitted 13 October, 2019; v1 submitted 24 May, 2019;
originally announced May 2019.
-
PACStack: an Authenticated Call Stack
Authors:
Hans Liljestrand,
Thomas Nyman,
Lachlan J. Gunn,
Jan-Erik Ekberg,
N. Asokan
Abstract:
A popular run-time attack technique is to compromise the control-flow integrity of a program by modifying function return addresses on the stack. So far, shadow stacks have proven to be essential for comprehensively preventing return address manipulation. Shadow stacks record return addresses in integrity-protected memory secured with hardware-assistance or software access control. Software shadow…
▽ More
A popular run-time attack technique is to compromise the control-flow integrity of a program by modifying function return addresses on the stack. So far, shadow stacks have proven to be essential for comprehensively preventing return address manipulation. Shadow stacks record return addresses in integrity-protected memory secured with hardware-assistance or software access control. Software shadow stacks incur high overheads or trade off security for efficiency. Hardware-assisted shadow stacks are efficient and secure, but require the deployment of special-purpose hardware.
We present authenticated call stack (ACS), an approach that uses chained message authentication codes (MACs). Our prototype, PACStack, uses the ARM general purpose hardware mechanism for pointer authentication (PA) to implement ACS. Via a rigorous security analysis, we show that PACStack achieves security comparable to hardware-assisted shadow stacks without requiring dedicated hardware. We demonstrate that PACStack's performance overhead is small (~3%).
△ Less
Submitted 15 October, 2020; v1 submitted 24 May, 2019;
originally announced May 2019.
-
Game theoretical modelling of network/cybersecurity
Authors:
Azhar Iqbal,
Lachlan J. Gunn,
Mingyu Guo,
M. Ali Babar,
Derek Abbott
Abstract:
Game theory is an established branch of mathematics that offers a rich set of mathematical tools for multi-person strategic decision making that can be used to model the interactions of decision makers in security problems who compete for limited and shared resources. This article presents a review of the literature in the area of game theoretical modelling of network/cybersecurity.
Game theory is an established branch of mathematics that offers a rich set of mathematical tools for multi-person strategic decision making that can be used to model the interactions of decision makers in security problems who compete for limited and shared resources. This article presents a review of the literature in the area of game theoretical modelling of network/cybersecurity.
△ Less
Submitted 19 October, 2019; v1 submitted 24 January, 2019;
originally announced January 2019.
-
Safety in Numbers: Anonymization Makes Centralized Systems Trustworthy
Authors:
Lachlan J. Gunn,
Andrew Allison,
Derek Abbott
Abstract:
Decentralized systems can be more resistant to operator mischief than centralized ones, but they are substantially harder to develop, deploy, and maintain. This cost is dramatically reduced if the decentralized part of the system can be made highly generic, and thus incorporated into many different applications. We show how existing anonymization systems can serve this purpose, securing a public d…
▽ More
Decentralized systems can be more resistant to operator mischief than centralized ones, but they are substantially harder to develop, deploy, and maintain. This cost is dramatically reduced if the decentralized part of the system can be made highly generic, and thus incorporated into many different applications. We show how existing anonymization systems can serve this purpose, securing a public database against equivocation by its operator without the need for cooperation by the database owner. We derive bounds on the probability of successful equivocation, and in doing so, we demonstrate that anonymization systems are not only important for user privacy, but that by providing privacy to machines they have a wider value within the internet infrastructure
△ Less
Submitted 8 May, 2017; v1 submitted 10 February, 2016;
originally announced February 2016.
-
A directional coupler attack against the Kish key distribution system
Authors:
Lachlan J. Gunn,
Andrew Allison,
Derek Abbott
Abstract:
The Kish key distribution system has been proposed as a class ical alternative to quantum key distribution. The idealized Kish scheme elegantly promise s secure key distribution by exploiting thermal noise in a transmission line. However, we demonstrate that it is vulnerable to nonidealities in its components, such as the finite resistance of the transmission line connecting its endpoints. We intr…
▽ More
The Kish key distribution system has been proposed as a class ical alternative to quantum key distribution. The idealized Kish scheme elegantly promise s secure key distribution by exploiting thermal noise in a transmission line. However, we demonstrate that it is vulnerable to nonidealities in its components, such as the finite resistance of the transmission line connecting its endpoints. We introduce a novel attack against this nonideality using directional wave measurements, and experimentally demonstrate its efficacy. Our attack is based on causality: in a spatially distributed system, propagation is needed for thermodynamic equilibration, and that leaks information.
△ Less
Submitted 19 May, 2014; v1 submitted 11 February, 2014;
originally announced February 2014.
-
Physical-layer encryption on the public internet: a stochastic approach to the Kish-Sethuraman cipher
Authors:
Lachlan J. Gunn,
James M. Chappell,
Andrew Allison,
Derek Abbott
Abstract:
While information-theoretic security is often associated with the one-time pad and quantum key distribution, noisy transport media leave room for classical techniques and even covert operation. Transit times across the public internet exhibit a degree of randomness, and cannot be determined noiselessly by an eavesdropper. We demonstrate the use of these measurements for information-theoretically s…
▽ More
While information-theoretic security is often associated with the one-time pad and quantum key distribution, noisy transport media leave room for classical techniques and even covert operation. Transit times across the public internet exhibit a degree of randomness, and cannot be determined noiselessly by an eavesdropper. We demonstrate the use of these measurements for information-theoretically secure communication over the public internet.
△ Less
Submitted 18 June, 2013;
originally announced June 2013.
