Low-cost mechanisms for isolated cryptographic operations on commodity accelerators범용 가속기에서의 안전한 암호 연산을 위한 저비용 메커니즘 연구
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.advisor | Yoon, Hyunsoo | - |
| dc.contributor.advisor | 윤현수 | - |
| dc.contributor.author | Kim, Yonggon | - |
| dc.contributor.author | 김용곤 | - |
| dc.date.accessioned | 2017-03-29T02:49:47Z | - |
| dc.date.available | 2017-03-29T02:49:47Z | - |
| dc.date.issued | 2016 | - |
| dc.identifier.uri | http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=663200&flag=dissertation | en_US |
| dc.identifier.uri | http://hdl.handle.net/10203/222414 | - |
| dc.description | 학위논문(박사) - 한국과학기술원 : 전산학부, 2016.8 ,[iv, 59 p. :] | - |
| dc.description.abstract | General-Purpose computing on a Graphics Processing Unit (GPGPU) involves leveraging commodity GPUs as massively parallel processing units. GPGPU is an emerging computing paradigm for high-performance and data-intensive computations such as cryptographic operations. Although GPGPU is an attractive solution for accelerating modern cryptographic operations, the security challenges that stem from utilizing commodity GPUs remain an unresolved problem. In this dissertation, we investigate the protection of a cryptographic key during the acceleration of cryptographic operations on commodity GPUs under a broad range of GPU vulnerabilities and threats to the underlying host system. We show that the GPU cache can be used as a securely isolated place to store security-sensitive code and secret keys, where access is denied even to attackers with kernel privileges. Moreover, by carefully manipulating the GPU memory hierarchy, part of the GPU cache can be used exclusively for the secret key. Second, we present an On-demand Bootstrapping Mechanism for Isolated cryptographic operations (OBMI). By leveraging System Management Mode (SMM), a privileged execution mode provided by x86 architectures, OBMI implements a program and a secret key into the GPU such that they are securely isolated during the acceleration of cryptographic operations, even in the presence of compromised kernels. Our approach does not require an additional hardware-abstraction layer, and it does not entail modifying the GPU driver. An evaluation of the proposed OBMI demonstrated that even adversaries with kernel privileges cannot gain access to the secret key, and it also showed that the proposed mechanism incurs negligible performance degradation for both the CPU and GPU. Finally, we suggest the utilization of SMM which enables the isolated cryptographic operations on commodity x86 processor. We show how SMM can achieve the efficient cryptographic operations, moreover, how it can make synergy with suggested GPGPU-based isolated cryptographic operations. | - |
| dc.language | eng | - |
| dc.publisher | 한국과학기술원 | - |
| dc.subject | Secure systems | - |
| dc.subject | GPU security | - |
| dc.subject | Cryptographic key protection | - |
| dc.subject | Trusted computing | - |
| dc.subject | GPGPU | - |
| dc.subject | 보안 시스템 | - |
| dc.subject | 가속기 보안 | - |
| dc.subject | 암호 키 보호 | - |
| dc.subject | 트러스티드 컴퓨팅 기술 | - |
| dc.subject | 범용가속기 | - |
| dc.title | Low-cost mechanisms for isolated cryptographic operations on commodity accelerators | - |
| dc.title.alternative | 범용 가속기에서의 안전한 암호 연산을 위한 저비용 메커니즘 연구 | - |
| dc.type | Thesis(Ph.D) | - |
| dc.identifier.CNRN | 325007 | - |
| dc.description.department | 한국과학기술원 :전산학부, | - |
- Appears in Collection
- CS-Theses_Ph.D.(박사논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.