NDSS

On Building the Data-Oblivious Virtual Environment

Tushar Jois (Johns Hopkins University), Hyun Bin Lee, Christopher Fletcher, Carl A. Gunter (University of Illinois at Urbana-Champaign)

In this talk, we present the experimental approaches used in the design and validation of DOVE, the Data-Oblivious Virtual Environment. DOVE instruments a complex programming environment (such as R) to produce a Data-Oblivious Transcript (DOT) that is explicitly designed to support computation free of any microarchitectural side channels. This transcript is then evaluated on a Trusted Execution Environment (TEE) containing sensitive data using a small, trusted computing base.

We first discuss subtle side-channel vulnerabilities that can arise in high-level languages, and how these difficult-to-find vulnerabilities lead to a break in the trust model of TEEs like Intel SGX. We then share our experimental techniques to identify these vulnerabilities in the R language. We use the lessons learned from these experiments in the design of DOVE, creating the first side-channel-resistant R programming stack. We then use the same experimental analyses to validate the security of the two-phase architecture provided by DOT generation and evaluation in the face of the same vulnerabilities.

Speaker's biographies

Tushar Jois is a third-year PhD candidate at Johns Hopkins University, studying computer security under his advisor Dr. Avi Rubin. He received his BS and MSE degrees in computer science from Johns Hopkins. His primary research interests are in systems, software, and network security, with emphasis on security and privacy for personal devices: protecting users and their everyday data from prying eyes.

Hyun Bin Lee is a fourth-year PhD student at the University of Illinois at Urbana-Champaign, studying computer security under Dr. Carl A. Gunter. He also received both MS and BS degrees in computer science from the University of Illinois. His research interests include systems security, genomic security & privacy, and IoT security.

Chris Fletcher is an Assistant Professor in Computer Science at the University of Illinois at Urbana-Champaign. He has broad interests ranging from Computer Architecture to Security to High-Performance Computing (ranging from theory to practice). These and related works have been awarded with election to the DARPA ISAT study group, the Intel CRC Outstanding Researcher Award, the NSF CAREER award, a Google Faculty Award, the George M. Sprowls Award for Outstanding Ph.D. Thesis in Computer Science at MIT, 14 paper awards, and were listed as one of ten "World Changing Ideas" designations by Scientific American.

Carl A. Gunter is George and Ann Fisher Distinguished Professor in Engineering at the University of Illinois at Urbana-Champaign. He has made research contributions to the semantics of programming languages, formal methods, security, and privacy. His recent work has concerned security and privacy issues for power grids, healthcare systems, and IoT. He serves as the director of Illinois Security Lab, the founding chair of the security and privacy area in the Computer Science Department, and lead for the Genomic Security and Privacy Theme at the Institute for Genomic Biology.