CASA Distinguished Lecture @ Ruhr University Bochum
In Hardware We Trust? The Struggle, Challenges and Future of Trusted Computing
2021/11/03
In his lecture “In Hardware We Trust? The Struggle, Challenges and Future of Trusted Computing”, Prof. Sadeghi presents a brief overview of the Trusted Computing landscape, its promises, pitfalls and opportunities. He then discusses the recent trends in building open security architectures (e.g., RISC-V-based), including his team's work that aims to address the shortcomings of the existing solutions. He also briefly discusses the insights we gained on cross-layer attacks in the course of the world’s largest hardware security competition that he has been co-organizing with industry and academic partners since 2018. He concludes with future directions for trusted computing and the corresponding challenges.
Abstract
The large attack surface of applications and commodity operating systems has motivated academia and industry to develop and deploy trusted computing technologies that promise to provide trust anchors and trusted execution environments on computing platforms to protect sensitive data and applications from various software-based attacks. However, the currently deployed trusted computing architectures seem to struggle in keeping those promises, particularly in the face of the next generation security threats such as cross-layer attacks that allow unprivileged software to exploit hardware design and implementation flaws, as recently shown by, e.g., Meltdown, Spectre, and alike. However, cross-layer attacks reach far beyond exploiting micro-architectural flaws and affect a wide range of computing platforms. Cross-layer attacks also constitute a fundamental paradigm shift, disrupting traditional threat models that have mainly focused on software-only vulnerabilities and often (unjustifiably) assumed that the underlying hardware is correct and trustworthy.
