Graduate Thesis Or Dissertation
 

Exploitation and Mitigation of CPU Vulnerabilities

https://ir.library.oregonstate.edu/concern/graduate_thesis_or_dissertations/dj52wc89g

Abstract
  • AMD SEV allows for the creation of fully encrypted virtual machines. This allows cloud computing tenants’ data to be kept secret from the cloud computing provider. However, it has been shown that the encryption scheme used by AMD can easily be broken. The attacker can create a copy of the virtual machine and perform some malicious operations to gain a secret value used in the encryption scheme. They can then use this value to write and read encrypted data to and from the target virtual machine. To prevent this, we propose wrapping the insecure encryption scheme with a stronger encryption scheme. We developed a proof-of-concept kernel module that implements secure encryption between the user and kernel space. In addition, we discuss other CPU vulnerabilities and their potential impacts. We look at copy-on-write-based side-channel attacks and introduce a method for optimizing them by making use of new CPU instructions. We also survey other CPU side-channel attacks and present some examples of these attacks.
