PHANTOM: Practical Oblivious Computation in a Secure Processor

Abstract

Confidentiality of data is a major problem as sensitive computations migrate to the cloud. Employees in a data center have physical access to machines and can carry out attacks that have traditionally only affected client-side crypto-devices such as smartcards. For example an employee can snoop confidential data as it moves in and out of the processor to learn secret keys or other program information that can be used for targeted attacks. Secure processors have been proposed as a counter-measure to these attacks -- such processors are physically shielded and enforce confidentiality by encrypting all data outside the chip, e.g. in DRAM or non-volatile storage. While first proposals were academic in nature this model is now starting to appear commercially, such as in the Intel SGX extensions. Although secure processors encrypt all data as it leaves the CPU, the memory addresses that are being accessed in DRAM are still transmitted in plaintext on the address bus. This represents an important source of information leakage that enables serious attacks that can in the worst case, leak bits of cryptographic keys. To counter such attacks, we introduce Phantom, a new secure processor that obfuscates its memory access trace. To an adversary who can observe the processor's output pins, all memory access traces are computationally indistinguishable (a property known as obliviousness). We achieve obliviousness through a cryptographic construct known as Oblivious RAM (ORAM). Existing ORAM algorithms introduce a large (100-200x) overhead in the amount of data moved from memory, which makes ORAM inefficient on real-world workloads. To tackle this problem, we develop a highly parallel ORAM memory controller to reduce ORAM memory access latency and demonstrate the design as part of the Phantom secure processor implemented on a Convey HC-2ex. The HC-2ex is a system that comprises an off-the-shelf x86 CPU paired with 4 high-end FPGAs with a highly parallel memory system.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 16, 2014
Accession Number
ADA605341

Entities

People

  • Martin C. Maas

Organizations

  • University of California, Berkeley

Tags

Communities of Interest

  • Advanced Electronics
  • Biomedical
  • Cyber
  • Weapons Technologies

DTIC Thesaurus Topics

  • Algorithms
  • Computational Science
  • Computations
  • Computer Programming
  • Computer Science
  • Computers
  • Content Addressable Memory
  • Data Centers
  • Hidden Markov Models
  • Instruction Set Architecture
  • Intellectual Property
  • Intrusion Detectors
  • Machine Learning
  • Probability
  • Supervised Machine Learning
  • Trees (Data Structures)
  • Workload

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Cybersecurity.
  • Parallel and Distributed Computing.