Research

Publications

Challenges For Scaling Applications Across Enclaves    abstractdownload

Beekman, J.G.; Porter, D.E.
2nd Workshop on System Software for Trusted Execution, October 2017.

Abstract: At Fortanix, we are developing cloud-scale security infrastructure using SGX. For example, our Self-Defending Key Management Service (SDKMS) can span multiple machines and enclaves, rendering a more scalable and cost-effective alternative to a traditional Hardware Security Module (HSM). This paper describes several subtle, practical, and underexplored problems in the space of building scalable, trusted applications, based on our experience building distributed SGX systems. In particular, we discuss shortcomings in remote attestation for microservice-style applications, software updates, and opportunities to reflect trustworthy development practices in attestation features.

Opaque: An Oblivious and Encrypted Distributed Analytics Platform    abstractdownload

Zheng, W.; Dave, A.; Beekman, J.G.; Popa, R.A.; Gonzalez, J.E.; Stoica, I.
14th USENIX Symposium on Networked Systems Design and Implementation, March 2017.

Abstract: Many systems run rich analytics on sensitive data in the cloud, but are prone to data breaches. Hardware enclaves promise data confidentiality and secure execution of arbitrary computation, yet still suffer from access pattern leakage. We propose Opaque, a distributed data analytics platform supporting a wide range of queries while providing strong security guarantees. Opaque introduces new distributed oblivious relational operators that hide access patterns, and new query planning techniques to optimize these new operators. Opaque is implemented on Spark SQL with few changes to the underlying system. Opaque provides data encryption, authentication and computation verification with a performance ranging from 52% faster to 3.3x slower as compared to vanilla Spark SQL; obliviousness comes with a 1.6–46x overhead. Opaque provides an improvement of three orders of magnitude over state-of-the-art oblivious protocols, and our query optimization techniques improve performance by 2–5x.

Improving Cloud Security using Secure Enclaves    abstractdownload

Beekman, J.G.
Ph.D. Thesis, University of California, Berkeley, December 2016.

Abstract: Internet services can provide a wealth of functionality, yet their usage raises privacy, security and integrity concerns for users. This is caused by a lack of guarantees about what is happening on the server side. As a worst case scenario, the service might be subjected to an insider attack. This dissertation describes the unalterable secure service concept for trustworthy cloud computing. Secure services are a powerful abstraction that enables viewing the cloud as a true extension of local computing resources. Secure services combine the security benefits one gets locally with the manageability and availability of the distributed cloud. Secure services are implemented using secure enclaves. Remote attestation of the server is used to obtain guarantees about the programming of the service. This dissertation addresses concerns related to using secure enclaves such as providing data freshness and distributing identity information. Certificate Transparency is augmented to distribute information about which services exist and what they do. All combined, this creates a platform that allows legacy clients to obtain security guarantees about Internet services.

Attestation Transparency: Building secure Internet services for legacy clients    abstractdownload

Beekman, J.G.; Manferdelli, J.L.; Wagner, D.
11th ACM Asia Conference on Computer and Communications Security, June 2016.

Abstract: Internet services can provide a wealth of functionality, yet their usage raises privacy, security and integrity concerns for users. This is caused by a lack of guarantees about what is happening on the server side. As a worst case scenario, the service might be subjected to an insider attack. We use remote attestation of the server to obtain guarantees about the programming of the service. On top of that, we augment Certificate Transparency to distribute information about which services exist and what they do. Combined, this creates a platform that allows legacy clients to obtain security guarantees about Internet services.

A Denial of Service Attack against Fair Computations using Bitcoin Deposits    abstractdownload

Beekman, J.G.
Information Processing Letters, vol.116, no.2, pp.144-146, February 2016.

Abstract: Bitcoin supports complex transactions where the recipient of a transaction can be programmatically determined. Using these transactions, multi-party computation protocols that aim to ensure fairness among participants have been designed. We present a Denial of Service attack against these protocols that results in a net loss for some or all of the honest parties involved, violating those fairness goals.

Reverse Engineering UEFI by Execution    abstractdownload

Beekman, J.G.
32nd Chaos Communication Congress (32C3), December 2015.

Abstract: This talk will be an overview of how to reverse-engineer Unified Extensible Firmware Interface (UEFI) firmware, the replacement for BIOS. Various useful tools will be discussed, including those written by the presenter and those written by others. One of the highlights will be a tool that enables running parts of the firmware in userspace on a standard Operating System.

The Matter of Heartbleed    abstractdownload

Durumeric, Z.; Li, F.; Kasten, J.; Amann, J.; Beekman, J.G.; Payer, M.; Weaver, N.; Adrian, D.; Paxson, V.; Bailey, M.; Halderman, J.A.
14th Internet Measurement Conference, November 2014.

Best paper award.

Abstract: The Heartbleed vulnerability took the Internet by surprise in April 2014. The vulnerability, one of the most consequential since the advent of the commercial Internet, allowed attackers to remotely read protected memory from an estimated 24–55% of popular HTTPS sites. In this work, we perform a comprehensive, measurement-based analysis of the vulnerability’s impact, including (1) tracking the vulnerable population, (2) monitoring patching behavior over time, (3) assessing the impact on the HTTPS certificate ecosystem, and (4) exposing real attacks that attempted to exploit the bug. Furthermore, we conduct a large-scale vulnerability notification experiment involving 150,000 hosts and observe a nearly 50% increase in patching by notified hosts. Drawing upon these analyses, we discuss what went well and what went poorly, in an effort to understand how the technical community can respond more effectively to such events in the future.

Topics in Cell Phone Security    abstractdownload

Beekman, J.G.
M.S. Thesis, University of California, Berkeley, August 2014.

Abstract: The global cell phone network is a large and multi-faceted technology that is continuously being improved with new protocols and features. In this work we analyze the security of a few designs and implementations comprising a part of this network. First, we analyze the security of an IP Multimedia Subsystem (IMS) implementation for Android by a major US cell phone carrier, finding a man-in-the-middle attack. Secondly, we look at the 3GPP Authentication and Key Agreement (AKA) protocol, describing three new attacks on AKA in the context of Internet calling and Android. We have worked with the relevant parties to address these four attacks. And finally, we discuss the security aspects of modems in phone platforms from a systems design standpoint, highlighting threats and security objectives that can be used both in evaluating existing implementations as well as in creating new implementations.

Breaking Cell Phone Authentication: Vulnerabilities in AKA, IMS, and Android    abstractdownload

Beekman, J.G.; Thompson, C.
7th USENIX Workshop on Offensive Technologies, August 2013.

Abstract: Next generation IP telephony such as the IP Multimedia Subsystem (IMS) framework has been used to create Internet calling services which let cellular users make and receive calls even when without cellular reception. In this paper, we look at the security aspects of Internet calling services and other systems that use the 3GPP Authentication and Key Agreement (AKA) protocol for authentication, particularly focusing on the context of cellular authentication in Android. We describe a new man-in-the-middle attack on T-Mobile’s Wi-Fi Calling service, which is installed on millions of T-Mobile Android smartphones. We also describe three new attacks on AKA in the context of Internet calling and Android. We have worked with T-Mobile to fix the man-in-the-middle vulnerability, and we present clear and actionable solutions to fix the remaining vulnerabilities.

Man-in-the-Middle Attack on T-Mobile Wi-Fi Calling    abstractdownload

Beekman, J.G.; Thompson, C.
U.C. Berkeley EECS Technical Memorandum Series, UCB/EECS-2013-18, March 2013.

Abstract: T-Mobile has a service called “Wi-Fi Calling”, which lets users make and receive calls even when without cellular service. This service is pre-installed on millions of T-Mobile Android smartphones. We analyze the security aspects of this service from a network perspective, and demonstrate a man-in-the-middle attack caused by a lack of TLS certificate validation, allowing an attacker to eavesdrop and even modify calls and text messages placed using the Wi-Fi Calling feature. We have worked with T-Mobile to fix this issue, and, as of 18 March 2013, they report that all affected customers have received an update fixing this vulnerability.

The Micronium - A Musical MEMS Instrument    abstractdownload

Engelen, J. B C; De Boer, H.; Beekman, J.G.; Fortgens, L.C.; De Graaf, D.B.; Vocke, S.; Abelmann, L.
J. Microelectromechanical Systems, vol.21, no.2, pp.262-269, April 2012.

Abstract: The Micronium is a musical instrument fabricated from silicon using MEMS technology. It is—to the best of our knowledge—the first musical micro-instrument fabricated using MEMS technology, where the actual sound is generated by mechanical microstructures. The Micronium consists of mass-spring systems that are designed to resonate at audible frequencies. Their displacement is measured by comb drives and is used as the audio signal to drive a loudspeaker. The instrument’s sounds are pure sine waves. An extensive set of measurements of individual resonators is presented and discussed. Quality factor measurements at various ambient pressures show that an ambient pressure of 1 mbar results in a note duration of 1 s. The realized frequency deviates considerably from the designed resonator frequency. Measurement results of many resonators are shown to obtain understanding of this deviation. Initial experiments with electrostatic tuning using variable-gap comb-drives show a tuning ratio of 5% maximum, depending on the resonator frequency. An audio recording of the instrument is included as a supplementary MP3 file.