M.Sc. Tommaso Frassetto

Research Assistant

Mornewegstraße 30
D-64293 Darmstadt
GERMANY

Building:S4|14
Room:4.1.21
Phone:+49 (0)6151 16 - 25340
Email:tommaso.frassetto(a-t)trust.tu-darmstadt.de (PGP key)
Website:https://www.trust.informatik.tu-darmstadt.de/tf

 

Vita

Since 2016

Research Assistant

at CYSEC and Technische Universität Darmstadt, Germany 

2013-2016

M.Sc. Computer Science

at University of Padua, Italy

2010-2013

B.Sc. Computer Science

at University of Padua, Italy

Awards

  • Best Poster Award, ICDCS 2017

    Markus Miettinen, Samuel Marchal, Ibbad Hafeez, Tommaso Frassetto, N. Asokan, Ahmad-Reza Sadeghi and Sasu Tarkoma, "IoT Sentinel Demo: Automated Device-Type Identification for Security Enforcement in IoT" In: Proc. 37th IEEE International Conference on Distributed Computing Systems (ICDCS 2017), June 5-8, 2017, Atlanta, Georgia, USA.

Publications

DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization

Author Ferdinand Brasser, Srdjan Capkun, Alexandra Dmitrienko, Tommaso Frassetto, Kari Kostiainen, Urs Müller, Ahmad-Reza Sadeghi
Date September 2017
Kind Techreport
KeyTUD-CS-2017-0255
Research Areas System Security Lab
Abstract Recent research has demonstrated that Intel's SGX is vulnerable to various software-based side-channel attacks. In particular, attacks that monitor CPU caches shared between the victim enclave and untrusted software enable accurate leakage of secret enclave data. Known defenses assume developer assistance, require hardware changes, impose high overhead, or prevent only some of the known attacks. In this paper we propose data location randomization as a novel defensive approach to address the threat of side-channel attacks. Our main goal is to break the link between the cache observations by the privileged adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments enclave code such that data locations are permuted at the granularity of cache lines. We realize the permutation with the CPU's cryptographic hardware-acceleration units providing secure randomization. To prevent correlation of repeated memory accesses we continuously re-randomize all enclave data during execution. Our solution effectively protects many (but not all) enclaves from cache attacks and provides a complementary enclave hardening technique that is especially useful against unpredictable information leakage.
Website https://arxiv.org/abs/1709.09917
[Export this entry to BibTeX]
[Back to List-View]

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
A A A | Drucken Drucken | Impressum Impressum | Sitemap Sitemap | Kontakt Kontakt | Webseitenanalyse: Mehr Informationen
zum Seitenanfangzum Seitenanfang