Skip to main content
SpringerLink
Log in

Idea: State-Continuous Transfer of State in Protected-Module Architectures

  • Conference paper
Engineering Secure Software and Systems (ESSoS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8978))

Included in the following conference series:

Abstract

The ability to copy data effortlessly poses significant security issues in many applications; It is difficult to safely lend out music or e-books, virtual credits cannot be transferred between peers without contacting a central server or co-operation with other network nodes, …

Protecting digital copies is hard because of the huge software and hardware trusted computing base applications have to rely on. Protected-module architectures (PMAs) provide an interesting alternative by relying only on a minimal set of security primitives. Recently it has been proven that such platforms can provide strong security guarantees. However, transferring state of protected modules has, to the best of our knowledge, not yet been studied.

In this paper, we present a protocol to transfer protected modules from one machine to another state-continuously; From a high level point of view, only a single instance of the module exists that executes without interruption when it is transferred from one machine to another. In practice however an attacker may (i) crash the system at any point in time (i.e., a crash attack), (ii) present the system with a stale state (i.e., a rollback attack), or (iii) trick both machines to continue execution of the module (i.e., a forking attack). We also discuss use cases of such a system that go well beyond digital rights management.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Agten, P., Jacobs, B., Piessens, F.: Sound modular verification of c code executing in an unverified context. Accepted for publication in Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2015) (January 2015)

    Google Scholar 

  2. Agten, P., Strackx, R., Jacobs, B., Piessens, F.: Secure compilation to modern processors. In: 2012 IEEE 25th Computer Security Foundations Symposium (CSF 2012), pp. 171–185. IEEE Computer Society, Los Alamitos (2012)

    Chapter  Google Scholar 

  3. Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy (2013)

    Google Scholar 

  4. Chan, E.M., Carlyle, J.C., David, F.M., Farivar, R., Campbell, R.H.: BootJacker: Compromising computers using forced restarts. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008, pp. 555–564. ACM, New York (2008)

    Chapter  Google Scholar 

  5. Halderman, J., Schoen, S., Heninger, N., Clarkson, W., Paul, W., Calandrino, J., Feldman, A., Appelbaum, J., Felten, E.: Lest we remember: Cold boot attacks on encryption keys. In: USENIX Security Symposium, pp. 45–60 (2008)

    Google Scholar 

  6. Intel Corporation. Software Guard Extensions Programming Reference (2013)

    Google Scholar 

  7. King-Lacroix, J., Martin, A.: Bottlecap: A credential manager for capability systems. In: Proceedings of the Seventh ACM Workshop on Scalable Trusted Computing, STC 2012, pp. 45–54. ACM, New York (2012)

    Chapter  Google Scholar 

  8. Koeberl, P., Schulz, S., Sadeghi, A.-R., Varadharajan, V.: Trustlite: a security architecture for tiny embedded devices. In: Proceedings of the Ninth European Conference on Computer Systems (EuroSys 2014), p. 10. ACM (2014)

    Google Scholar 

  9. Kotla, R., Rodeheffer, T., Roy, I., Stuedi, P., Wester, B.: Pasture: secure offline data access using commodity trusted hardware. In: Proceedings of the 10th USENIX Conference on Operating Systems Design and Implementation (OSDI 2012) (2012)

    Google Scholar 

  10. McCune, J.M., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V., Perrig, A.: TrustVisor: Efficient TCB reduction and attestation. In: Proceedings of the IEEE Symposium on Security and Privacy (S&P 2010) (May 2010)

    Google Scholar 

  11. McCune, J.M., Parno, B., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: An execution infrastructure for TCB minimization. In: Proceedings of the ACM European Conference in Computer Systems (EuroSys), pp. 315–328. ACM (April 2008)

    Google Scholar 

  12. Noorman, J., Agten, P., Daniels, W., Strackx, R., Herrewege, A.V., Huygens, C., Preneel, B., Verbauwhede, I., Piessens, F.: Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In: 22nd USENIX Security Symposium (Usenix 2013). USENIX Association (August 2013)

    Google Scholar 

  13. One, A.: Smashing the stack for fun and profit. Phrack Magazine 7(49) (1996)

    Google Scholar 

  14. Owusu, E., Guajardo, J., McCune, J., Newsome, J., Perrig, A., Vasudevan, A.: OASIS: on achieving a sanctuary for integrity and secrecy on untrusted platforms. In: Conference on Computer & Communications Security (CCS 2013) (2013)

    Google Scholar 

  15. Parno, B., Lorch, J.R., Douceur, J.R., Mickens, J., McCune, J.M.: Memoir: Practical state continuity for protected modules. In: Proceedings of the IEEE Symposium on Security and Privacy (S&P 2011) (May 2011)

    Google Scholar 

  16. Patrignani, M., Agten, P., Strackx, R., Jacobs, B., Clarke, D., Piessens, F.: Secure compilation to protected module architectures. Accepted for publication in Transactions on Programming Languages and Systems, TOPLAS (2014)

    Google Scholar 

  17. Patrignani, M., Clarke, D., Piessens, F.: Secure Compilation of Object-Oriented Components to Protected Module Architectures. In: Shan, C.-c. (ed.) APLAS 2013. LNCS, vol. 8301, pp. 176–191. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  18. Strackx, R., Jacobs, B., Piessens, F.: ICE: A passive, high-speed, state-continuity scheme. In: Annual Computer Security Applications Conference (ACSAC 2014) (2014)

    Google Scholar 

  19. Strackx, R., Jacobs, B., Piessens, F.: ICE: A passive, high-speed, state-continuity scheme (extended version). CW Reports CW672, KU Leuven (August 2014)

    Google Scholar 

  20. Strackx, R., Piessens, F.: Fides: Selectively hardening software application components against kernel-level or process-level malware. In: Computer and Communications Security (CCS 2012) (October 2012)

    Google Scholar 

  21. Strackx, R., Piessens, F., Preneel, B.: Efficient Isolation of Trusted Subsystems in Embedded Systems. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICST, vol. 50, pp. 344–361. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  22. Strackx, R., Younan, Y., Philippaerts, P., Piessens, F., Lachmund, S., Walter, T.: Breaking the memory secrecy assumption. In: Proceedings of the Second European Workshop on System Security, pp. 1–8. ACM (2009)

    Google Scholar 

  23. van Dijk, M., Rhodes, J., Sarmenta, L.F.G., Devadas, S.: Offline untrusted storage with immediate detection of forking and replay attacks. In: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, STC 2007 (2007)

    Google Scholar 

  24. Vasudevan, A., Chaki, S., Jia, L., McCune, J., Newsome, J., Datta, A.: Design, implementation and verification of an extensible and modular hypervisor framework. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy, SP 2013, pp. 430–444. IEEE Computer Society, Washington, DC (2013)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. iMinds-DistriNet, University of Leuven, Leuven, Belgium

    Raoul Strackx & Niels Lambrigts

Authors
  1. Raoul Strackx
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Niels Lambrigts
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. iMinds-DistriNet, KU Leuven, Belgium

    Frank Piessens

  2. IMDEA Software Institute, Campus de Montegancedo S/N, 28223, Pozuelo de Alarcón, Spain

    Juan Caballero

  3. Inria Sophia Antipolis – Mediterranee, 2004 route des Lucioles, B.P. 93, 06902, Sophia Antipolis Cedex, France

    Nataliia Bielova

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Strackx, R., Lambrigts, N. (2015). Idea: State-Continuous Transfer of State in Protected-Module Architectures. In: Piessens, F., Caballero, J., Bielova, N. (eds) Engineering Secure Software and Systems. ESSoS 2015. Lecture Notes in Computer Science, vol 8978. Springer, Cham. https://doi.org/10.1007/978-3-319-15618-7_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-15618-7_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-15617-0

  • Online ISBN: 978-3-319-15618-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation