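The Journal of Cyber Security (《信息安全学报》) will hold an online academic salon, the "Chip Security Technology" academic seminar, at 9:00 a.m. on April 2 (this Saturday). Interested faculty and students are warmly invited to attend.
For details of the salon, scan the QR code below or follow the link below.
Journal of Cyber Security Online Academic Salon (No. 9): "Chip Security Technology" Academic Seminar (qq.com)
How to join:
Tencent Meeting ID: 285-562-193
Tencent Meeting link: https://meeting.tencent.com/dm/TZmi6zlB3YV0
Bilibili link: http://live.bilibili.com/22652803
I. About the Event
As the foundation of computing systems, chips must be secure and trustworthy. Processor vulnerabilities such as Spectre and Meltdown, disclosed in 2018, showed that insecure underlying chips can render existing software security mechanisms ineffective. The threats posed by chip security vulnerabilities, and the techniques for countering them, have become one of the hot research directions in the cyberspace field.
To better advance chip security technology, the Journal of Cyber Security will hold an online academic seminar on chip security technology and has invited experts and scholars in the field for a wide-ranging discussion and exchange.
II. Basic Information
1. Organizers: State Key Laboratory of Information Security; Journal of Cyber Security, Institute of Information Engineering, Chinese Academy of Sciences
2. Time: 9:00 a.m., April 2, 2022
3. Online platform for the talks: Tencent Meeting
4. Tencent Meeting ID: 285-562-193
5. Meeting link: https://meeting.tencent.com/dm/TZmi6zlB3YV0
Bilibili link: http://live.bilibili.com/22652803
III. Schedule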
| Time | Session | Speaker | Affiliation |
|---|---|---|---|
| | Opening Remarks | Hou Rui | IIE/CAS |
| 08:55-09:00 | Introduction to the Journal of Cyber Security | Chen Kai | IIE/CAS |
| 09:00-09:40 | Ciphertext Side Channels on AMD SEV-SNP | Zhang Yinqian | SUSTech |
| 09:40-10:20 | Filesystem Encryption or Direct-Access for NVM Filesystems? Let’s Have Both! | Amro Awad | NCSU |
| 10:20-11:00 | Security Analysis of Misunderstood Micro-architectural Side-Channel Attacks and Mitigations | Yan Mengjia | MIT |
| 11:00-11:40 | Secure Branch Predictor | Zhao Lutan | IIE/CAS |
| 11:40-11:45 | Summarizing | Hou Rui | IIE/CAS |
IV. Talks
Speaker 1: Zhang Yinqian
Title: Ciphertext Side Channels on AMD SEV-SNP
Speaker bio:
Prof. Yinqian Zhang is a Professor at Southern University of Science and Technology (SUSTech). His research aims to secure computer systems. Many of his works lie in the field of computer system security, software security, or architecture security. Among many other peer-reviewed publications, about 40 of his works were published at top-tier security and system conferences, such as IEEE S&P, ACM CCS, USENIX Security, NDSS, ATC and ISCA. Prior to joining SUSTech, Prof. Zhang was an Associate Professor at The Ohio State University (OSU), where he won an NSF CAREER Award, an OSU Lumley Research Award and Outstanding Teaching Award. He was a recipient of the Rising Star Award from the Association of Chinese Scholars in Computing in 2019 and one of the World’s Top 2% Scientists in 2020.
Abstract:
AMD's Secure Encrypted Virtualization (SEV) is a hardware extension available in AMD's EPYC server processors to support confidential cloud computing. In this talk, we summarize a history of SEV’s design flaws, including its unencrypted VM states, unauthenticated memory encryption, unprotected nested page tables and I/O operations, as well as the ASID and TLB misuse. We will also present our discovery of a new breed of side channels on SEV (including recently released SEV-SNP), which we call ciphertext side channels. Unlike traditional micro-architecture side channels, ciphertext side channels do not rely on secret-dependent memory access patterns in the victim code. Therefore, much constant-time cryptographic code, including RSA and ECDSA in the latest OpenSSL library, can be broken by ciphertext side-channel attacks. Without a proper hardware mitigation, ciphertext side channels will become the Achilles heel of SEV-backed confidential computing platforms.
Speaker 2: Amro Awad
Title: Filesystem Encryption or Direct-Access for NVM Filesystems? Let’s Have Both!
Speaker bio:
Prof. Amro Awad is currently an assistant professor and leads the Secure and Advanced Computer Architecture (SACA) research group at NC State.
Abstract:
Emerging Non-Volatile Memories (NVMs) are promising candidates to build ultra-low idle power memory and storage devices in future computing systems. Unlike DRAM, NVMs do not require frequent refresh operations, and they can retain data after crashes and power loss. With such features, NVM memory modules can be used partly as conventional memory to host memory pages and partly as file storage to host filesystems and persistent data. Most importantly, and unlike current storage technologies, NVMs can be directly attached to the memory bus and accessed through conventional load/store operations.
As NVMs feature ultra-low access latency, it is necessary to minimize software overheads for accessing files to enable the full potential. In legacy storage devices, e.g., Flash and Hard-disk drives, access latency dominates the software overheads. However, emerging NVMs' performance can be burdened by the software overheads since memory access latency is minimal. Modern Operating Systems (OSes) allow direct-access (DAX) for NVM-hosted files through direct load/store operations by eliminating intermediate software layers. Unfortunately, we observe that such a direction ignores filesystem encryption and renders most of the current filesystem encryption implementations inapplicable to future NVM systems. In this paper, we propose a novel hardware/software co-design architecture that enables transparent filesystem encryption without sacrificing the direct-access feature of files in emerging NVMs with minimal change in OS and memory controller. Our proposed model incurs a negligible overall slowdown of 3.8% for workloads representative of real-world applications, while software-based encryption can incur as high as 5x slowdown for some applications.
Speaker 3: Yan Mengjia
Title: Security Analysis of Misunderstood Micro-architectural Side-Channel Attacks and Mitigations
Speaker bio:
Mengjia Yan is an Assistant Professor in the Electrical Engineering and Computer Science department at Massachusetts Institute of Technology. She received her Ph.D. degree from the University of Illinois at Urbana-Champaign (UIUC).
Her research interest lies in the areas of computer architecture and hardware security, with a focus on side channel attacks and defenses. Mengjia received the NSF Faculty Early Career Development Program (CAREER) Award, ACM SIGARCH/IEEE CS TCCA Outstanding Dissertation Award Honorable Mention, the David J. Kuck Outstanding PhD Thesis Award in Computer Science at UIUC, multiple MICRO TopPicks in Computer Architecture and a MICRO best paper award.
Abstract:
The class of attacks that exploit micro-architectural vulnerabilities to breach processor security, generally referred to as side-channel attacks, has become a serious security threat. The research community has been actively investigating new micro-architectural attack strategies and mitigation mechanisms.
On one hand, recent advancements in machine learning have made it possible to deploy powerful side-channel attacks. However, due to the black-box nature of machine learning models, these advancements suffer from a complete absence of interpretability and can often mislead the community about the root causes of the attacks. On the other hand, architects have looked at different forms of randomization to thwart the attacker’s ability to communicate using micro-architectural structures. However, the security properties of these mitigation mechanisms are generally evaluated in an incomplete way and often found to be broken later on.
In this talk, I will cover two recent works in my group that perform security analysis of the state-of-the-art micro-architectural side channel attacks and mitigations to 1) demystify the root causes of the attacks and 2) quantify the security properties of the mitigation mechanisms.
Speaker 4: Zhao Lutan
Title: Secure Branch Predictor
Speaker bio:
Lutan Zhao is an associate professor at the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences. He received his PhD degree from the Institute of Information Engineering, Chinese Academy of Sciences in 2021. His research interest lies in the areas of computer architecture and processor chip security.
Abstract:
In modern processors, branch prediction is a fundamental technique for high-performance execution. However, recently exposed vulnerabilities reveal the necessity to improve the security of branch predictors in mainstream commercial processors. The root cause of these vulnerabilities is that modern processors generally adopt the design principle of resource sharing, and the branch predictor is a typical example. From a security perspective, resource sharing leads to a possible attack surface. Branch predictors record history about the execution of different programs, and such information is stored in the shared structure and thus accessible to all processes. This leaves attackers opportunities for malicious training and/or perception. In this talk, we summarize a history of branch predictor vulnerabilities, including contention-based attacks and reuse-based attacks. We will also present our defense works to reconsider the design of secure branch predictors in terms of index, content, and update.