Invited Paper: Chang Liu

Invited Paper: Chang Liu, PhD Student, University of Maryland

Winner 2013 NSA Competition for Best Scientific Cybersecurity Paper: Memory Trace Oblivious Program Execution for Cloud Computing
April 21, 5:00 p.m.

Abstract: Cloud computing allows users to delegate data and computation to cloud service providers, at the cost of giving up physical control of their computing infrastructure. An attacker (e.g., insider) with physical access to the computing platform can perform various physical attacks, including probing memory buses and cold-boot style attacks. Previous work on secure (co-)processors provides hardware support for memory encryption and prevents direct leakage of sensitive data over the memory bus. However, an adversary snooping on the bus can still infer sensitive information from the memory access traces. Existing work on Oblivious RAM (ORAM) provides a solution for users to put all data in an ORAM; and accesses to an ORAM are obfuscated such that no information leaks through memory access traces. This method, however, incurs significant memory access overhead.

In this work, we are among the first to leverage programming language techniques to offer efficient memory-trace oblivious program execution, while providing formal security guarantees. Our contributions are twofold. On the one hand, we formally define the notion of memory-trace obliviousness (MTO). On the other hand, we co-design a new compiler and architecture called GhostRider to provide a better performance than prior work. The idea is to design a new secure processor architecture to support a hybrid memory model, consisting of not only multiple ORAM banks, but also normal DRAM, non-oblivious encrypted RAM (ERAM), and a scratchpad. GhostRider’s compiler has a security type system to formally enforce that a well-typed program enjoys MTO, and an optimizer to intelligently allocate data in the hybrid memory model to reduce access time. Our FPGA-based hardware prototype and simulation results show that GhostRider significantly outperforms the baseline strategy which stores all data in one giant ORAM.

Bio: Chang Liu is currently a third year PhD student in the Department of Computer Science at University of Maryland, College Park. His research interest lies at the intersection between programming languages and security, and particularly, in the trace oblivious properties of programs in different security application scenarios. His work has won the 2013 NSA best scientific cybersecurity paper award, and the best paper award at ASPLOS 2015.