Tushar Jois (Johns Hopkins University), Hyun Bin Lee, Christopher Fletcher, Carl A. Gunter (University of Illinois at Urbana-Champaign)

In this talk, we present the experimental approaches used in the design and validation of DOVE, the Data-Oblivious Virtual Environment. DOVE instruments a complex programming environment (such as R) to produce a Data-Oblivious Transcript (DOT) that is explicitly designed to support computation free of any microarchitectural side channels. This transcript is then evaluated on a Trusted Execution Environment (TEE) containing sensitive data using a small, trusted computing base.

We first discuss subtle side-channel vulnerabilities that can arise in high-level languages, and how these difficult-to-find vulnerabilities lead to a break in the trust model of TEEs like Intel SGX. We then share our experimental techniques to identify these vulnerabilities in the R language. We use the lessons learned from these experiments in the design of DOVE, creating the first side-channel-resistant R programming stack. We then use the same experimental analyses to validate the security of the two-phase architecture provided by DOT generation and evaluation in the face of the same vulnerabilities.

Speaker's biographies

Tushar Jois is a third-year PhD candidate at Johns Hopkins University, studying computer security under his advisor Dr. Avi Rubin. He received his BS and MSE degrees in computer science from Johns Hopkins. His primary research interests are in systems, software, and network security, with emphasis on security and privacy for personal devices: protecting users and their everyday data from prying eyes.

Hyun Bin Lee is a fourth-year PhD student at the University of Illinois at Urbana-Champaign, studying computer security under Dr. Carl A. Gunter. He also received both MS and BS degrees in computer science from the University of Illinois. His research interests include systems security, genomic security & privacy, and IoT security.

Chris Fletcher is an Assistant Professor in Computer Science at the University of Illinois at Urbana-Champaign. He has broad interests ranging from Computer Architecture to Security to High-Performance Computing (ranging from theory to practice). These and related works have been awarded with election to the DARPA ISAT study group, the Intel CRC Outstanding Researcher Award, the NSF CAREER award, a Google Faculty Award, the George M. Sprowls Award for Outstanding Ph.D. Thesis in Computer Science at MIT, 14 paper awards, and were listed as one of ten "World Changing Ideas" designations by Scientific American.

Carl A. Gunter is George and Ann Fisher Distinguished Professor in Engineering at the University of Illinois at Urbana-Champaign. He has made research contributions to the semantics of programming languages, formal methods, security, and privacy. His recent work has concerned security and privacy issues for power grids, healthcare systems, and IoT. He serves as the director of Illinois Security Lab, the founding chair of the security and privacy area in the Computer Science Department, and lead for the Genomic Security and Privacy Theme at the Institute for Genomic Biology.

View More Papers

XDA: Accurate, Robust Disassembly with Transfer Learning

Kexin Pei (Columbia University), Jonas Guan (University of Toronto), David Williams-King (Columbia University), Junfeng Yang (Columbia University), Suman Jana (Columbia...

Read More

Measuring Messengers: Analyzing Infrastructures and Message Timings to Extract...

Theodor Schnitzler (Research Center Trustworthy Data Science and Security, TU Dortmund, and Ruhr-Universität Bochum)

Read More

Panel – Experiment Artifact Sharing: Challenges and Solutions

Moderator: Laura Tinnel (SRI International) Panelists: Clémentine Maurice (CNRS, IRIS); Martin Rosso (Eindhoven University of Technology); Eric Eide (U. Utah)

Read More

SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with...

Charlie Hou (CMU, IC3), Mingxun Zhou (Peking University), Yan Ji (Cornell Tech, IC3), Phil Daian (Cornell Tech, IC3), Florian Tramèr...

Read More