## CryptoDB

### Srdjan Capkun

#### Publications

Year
Venue
Title
2022
TCHES
The ever-rising computation demand is forcing the move from the CPU to heterogeneous specialized hardware, which is readily available across modern datacenters through disaggregated infrastructure. On the other hand, trusted execution environments (TEEs), one of the most promising recent developments in hardware security, can only protect code confined in the CPU, limiting TEEs' potential and applicability to a handful of applications. We observe that the TEEs' hardware trusted computing base (TCB) is fixed at design time, which in practice leads to using untrusted software to employ peripherals in TEEs. Based on this observation, we propose \emph{composite enclaves} with a configurable hardware and software TCB, allowing enclaves access to multiple computing and IO resources. Finally, we present two case studies of composite enclaves: i) an FPGA platform based on RISC-V Keystone connected to emulated peripherals and sensors, and ii) a large-scale accelerator. These case studies showcase a flexible but small TCB (2.5 KLoC for IO peripherals and drivers), with a low-performance overhead (only around 220 additional cycles for a context switch), thus demonstrating the feasibility of our approach and showing that it can work with a wide range of specialized hardware.
2017
CHES
We describe novel, adaptive user interface attacks, where the adversary attaches a small device to the interface that connects user input peripherals to the target system. The device executes the attack when the authorized user is performing safety-, or security-critical operations, by modifying or blocking user input, or injecting new events. Although the adversary fully controls the user input channel, to succeed he needs to overcome a number of challenges, including the inability to directly observe the state of the user interface and avoiding being detected by the legitimate user. We present new techniques that allow the adversary to do user interface state estimation and fingerprinting, and thus attack a new range of scenarios that previous UI attacks do not apply to. We evaluate our attacks on two different types of platforms: e-banking on general-purpose PCs, and dedicated medical terminals. Our evaluation shows that such attacks can be implemented efficiently, are hard for the users to detect, and would lead to serious violations of input integrity.
2017
CHES
Multicarrier phase-based ranging is fast emerging as a cost-optimized solution for a wide variety of proximity-based applications due to its low power requirement, low hardware complexity and compatibility with existing standards such as ZigBee and 6LoWPAN. Given potentially critical nature of the applications in which phase-based ranging can be deployed (e.g., access control, asset tracking), it is important to evaluate its security guarantees. Therefore, in this work, we investigate the security of multicarrier phase-based ranging systems and specifically focus on distance decreasing relay attacks that have proven detrimental to the security of proximity-based access control systems (e.g., vehicular passive keyless entry and start systems). We show that phase-based ranging, as well as its implementations, are vulnerable to a variety of distance reduction attacks. We describe different attack realizations and verify their feasibility by simulations and experiments on a commercial ranging system. Specifically, we successfully reduced the estimated range to less than $3\, \mathrm {m}$ even though the devices were more than 50 m apart. We discuss possible countermeasures against such attacks and illustrate their limitations, therefore demonstrating that phase-based ranging cannot be fully secured against distance decreasing attacks.
2015
EPRINT
2015
EPRINT
2015
EPRINT
2015
EPRINT
2014
EPRINT
2014
EPRINT
2014
EPRINT
2010
EPRINT
We demonstrate a relay attack on Passive Keyless Entry and Start (PKES) systems used in modern cars. The attack allows the attacker to enter and start a car by relaying messages between the car and the smart key. We build two attack realizations, wired and wireless physical layer relays, demonstrating that this attack is both practical and inexpensive. We further show that, for the attack to work, it is sufficient that the attacker's devices are placed within a meter from both the key and the car. Moreover, on the cars we tested, relaying the signal in one direction only (from the car to the key) is sufficient as the responses of the key are transmitted in UHF, which has a longer range. As the signals are relayed at the physical layer, the attack is completely independent of the modulation scheme, protocols, or the presence of strong authentication and encryption. We demonstrate the attack on recent car models from different manufacturers. Our attack works for a set of PKES systems that we evaluated and whose operation is described in this paper. However, given the generality of the relay attack, it is likely that PKES systems based on similar designs are also vulnerable to the same attack. In this work, we further propose simple countermeasures that minimize the risk of relay attacks and that can be immediately deployed by the car owners; however, these countermeasures also disable the operation of the PKES systems. Finally, we discuss countermeasures against relay attacks that were suggested in the open literature and we sketch a new PKES system that prevents relay attacks. This system preserves convenience of use, for which PKES systems were initially introduced.