Archive for September, 2009

Monday, October 5, 2009: Eran Tromer (MIT) on Side Channels and Vulnerabilities in Cloud Computing

Tuesday, September 29th, 2009

lunch seminar:

CRCS Lunch Seminar
Date:  Monday, October 5, 2009
Time:  11:45am – 1:15pm
Place:  Maxwell Dworkin 2nd Floor Lounge Area

Speaker:  Eran Tromer, MIT

Title:  Side Channels and Vulnerabilities in Cloud Computing

Abstract:  Today’s computers typically run numerous processes of varying sensitivity and trustworthiness. The platform purports to protect these from each other, but side channels arise from lower architectural layers (such as contention for shared hardware resources), and create inadvertent cross-talk between processes. These leakages can be exploited for stealing cryptographic keys and other sensitive information.

Such cross-talk is especially grievous in the context of third-party cloud computing, a prominent technological trend. Services, such as Microsoft’s Azure and Amazon’s EC2, allow users to acquire computational capacity on demand in the form of virtual machines (VMs). Virtualization allows the service provider to maximize resource utilization by multiplexing many customer VMs across a shared physical infrastructure. However, the presence of multiple mutually-untrusting virtual machines on the same hardware makes them potentially vulnerable to the aforementioned side channels.

Using a commercial cloud service as a case study, we show that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside and instantiate new VMs that are co-resident with the target on the same physical machine. We then show that co-residence allows attackers to exfiltrate information across VM boundaries by use of side channels and covert channels such as cache contention and timing variability.

We discuss potential solutions, including work-in-progress on mitigating side channels using just-in-time program transformation.

Joint works with Saman Amarasinghe, Austin Chu, Dag Arne Osvik, Thomas Ristenpart, Ron Rivest, Stefan Savage, Hovav Shacham and Adi Shamir.

Bio:  Eran Tromer is a postdoctoral associate at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL). His research focus is cryptography, information security, and the challenges raised by imperfect real-world computer systems. His research on side-channel attacks demonstrated vulnerabilities in cloud computing, cache-based attacks on AES encryption, and acoustic attacks on RSA encryption. His Ph.D. dissertation, advised by Prof. Adi Shamir, reduced the projected cost of breaking RSA keys by 6 orders of magnitude using the TWIRL hardware device, leading to revision of government standards. He presently pursues means of improving security at the levels of networks, protocols, operating systems and circuits.

Monday, September 14, 2009: Ariel Procaccia on f(x) marks the spot

Tuesday, September 8th, 2009

lunch seminar:

CRCS Privacy and Security Lunch Seminar
Date:  Monday, September 14, 2009
Time:  11:45am – 1:15pm
Place:  Maxwell Dworkin 2nd Floor Lounge Area

Speaker:  Ariel Procaccia

Title:   f(x) marks the spot

Abstract:   Given a vector x of ideal locations reported by multiple selfish agents, we would like to select a location f(x) for a public facility; this abstract setting has many interpretations, such as locating a library in a city or a router on a communications network. We wish to design mechanisms for this problem that, at the same time, (i) satisfy game-theoretic desiderata, and (ii) approximately optimize a target function, e.g., the facility’s sum of distances to the agents’ ideal locations. I will survey recent results with respect to this problem, elaborate on their interfaces with computational social choice and algorithmic mechanism design, and position them in the context of the fresh agenda of approximate mechanism design without money. No background is required, and the presentation will endeavor to replace equations with animations.

Based on joint papers with Noga Alon, Michal Feldman, Felix Fischer, and Moshe Tennenholtz.

Bio:   Ariel Procaccia is a CRCS fellow at Harvard’s SEAS. His research interests include Computational Social Choice, Algorithmic Game Theory, and the interplay between these fields and Artificial Intelligence. He received his Ph.D. summa cum laude from the Hebrew University of Jerusalem, under the supervision of Prof. Jeffrey Rosenschein. His dissertation, entitled “Computational Voting Theory: Of the Agents, By the Agents, For the Agents”, has won the 2008 IFAAMAS Victor Lesser Distinguished Dissertation Award and Hebrew University’s Schlomiuk Prize. His work in Harvard SEAS is also supported by a Rothschild Postdoctoral Fellowship.
