Tommaso Frassetto’s research while affiliated with Technical University of Darmstadt and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (20)


POSE: Practical Off-chain Smart Contract Execution
  • Conference Paper

January 2023

·

20 Reads

·

14 Citations

Tommaso Frassetto

·

Patrick Jauernig

·

David Koisser

·

[...]

·


POSE: Practical Off-chain Smart Contract Execution

October 2022

·

55 Reads

Smart contracts enable users to execute payments depending on complex program logic. Ethereum is the most notable example of a blockchain that supports smart contracts leveraged for countless applications including games, auctions and financial products. Unfortunately, the traditional method of running contract code on-chain is very expensive, for instance, on the Ethereum platform, fees have dramatically increased, rendering the system unsuitable for complex applications. A prominent solution to address this problem is to execute code off-chain and only use the blockchain as a trust anchor. While there has been significant progress in developing off-chain systems over the last years, current off-chain solutions suffer from various drawbacks including costly blockchain interactions, lack of data privacy, huge capital costs from locked collateral, or supporting only a restricted set of applications. In this paper, we present POSE -- a practical off-chain protocol for smart contracts that addresses the aforementioned shortcomings of existing solutions. POSE leverages a pool of Trusted Execution Environments (TEEs) to execute the computation efficiently and to swiftly recover from accidental or malicious failures. We show that POSE provides strong security guarantees even if a large subset of parties is corrupted. We evaluate our proof-of-concept implementation with respect to its efficiency and effectiveness.





Offline Model Guard: Secure and Private ML on Mobile Devices

July 2020

·

66 Reads

Performing machine learning tasks in mobile applications yields a challenging conflict of interest: highly sensitive client information (e.g., speech data) should remain private while also the intellectual property of service providers (e.g., model parameters) must be protected. Cryptographic techniques offer secure solutions for this, but have an unacceptable overhead and moreover require frequent network interaction. In this work, we design a practically efficient hardware-based solution. Specifically, we build Offline Model Guard (OMG) to enable privacy-preserving machine learning on the predominant mobile computing platform ARM - even in offline scenarios. By leveraging a trusted execution environment for strict hardware-enforced isolation from other system components, OMG guarantees privacy of client data, secrecy of provided models, and integrity of processing algorithms. Our prototype implementation on an ARM HiKey 960 development board performs privacy-preserving keyword recognition using TensorFlow Lite for Microcontrollers in real time.


With Great Complexity Comes Great Vulnerability: From Stand-Alone Fixes to Reconfigurable Security

June 2020

·

41 Reads

·

6 Citations

IEEE Security and Privacy Magazine

The increasing complexity of modern computing devices has rendered security architectures vulnerable to recent side-channel and transient-execution attacks. We discuss the most relevant defenses as well as their drawbacks and how to overcome them for next-generation secure processor design.



V0LTpwn: Attacking x86 Processor Integrity from Software

December 2019

·

149 Reads

Fault-injection attacks have been proven in the past to be a reliable way of bypassing hardware-based security measures, such as cryptographic hashes, privilege and access permission enforcement, and trusted execution environments. However, traditional fault-injection attacks require physical presence, and hence, were often considered out of scope in many real-world adversary settings. In this paper we show this assumption may no longer be justified. We present V0LTpwn, a novel hardware-oriented but software-controlled attack that affects the integrity of computation in virtually any execution mode on modern x86 processors. To the best of our knowledge, this represents the first attack on x86 integrity from software. The key idea behind our attack is to undervolt a physical core to force non-recoverable hardware faults. Under a V0LTpwn attack, CPU instructions will continue to execute with erroneous results and without crashes, allowing for exploitation. In contrast to recently presented side-channel attacks that leverage vulnerable speculative execution, V0LTpwn is not limited to information disclosure, but allows adversaries to affect execution, and hence, effectively breaks the integrity goals of modern x86 platforms. In our detailed evaluation we successfully launch software-based attacks against Intel SGX enclaves from a privileged process to demonstrate that a V0LTpwn attack can successfully change the results of computations within enclave execution across multiple CPU revisions.


Figure 3: Code instrumentation with DR.SGX. Before each memory access the randomized memory address is calculated. The calculation is done by a function provided by the DR.SGX library (Rand. lib), which can be written in C / C++ and is included in the instrumented binary. The snippets show the instrumentation of a sample store instruction.
Figure 4: Overhead of each benchmark, using various subsets of DR.SGX.
Figure 5: Overhead of each benchmark, with heap size h = 4 MB, without re-randomization and with various rerandomization windows w.
Figure 6: Geometric mean of the overheads, for various heap sizes h and various window sizes w. The black line represents the overhead without re-randomization.
DR.SGX: automated and adjustable side-channel protection for SGX using data location randomization
  • Conference Paper
  • Full-text available

December 2019

·

163 Reads

·

56 Citations

Recent research has demonstrated that Intel's SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks. In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns. Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity. To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.

Download

Citations (16)


... Despite the price feed provided by Chainlink is efficient and reliable, it works in a fully off-chain manner, which is inconvenient to be called by smart contracts and may pose potential trust issues. There are also some researches focus on outsourcing complex on-chain contract computation to trusted off-chain compute nodes, such as: SMART [18], POSE [15], and Arbitrum [20]. However, these methods would require introducing additional security assumptions to the system (e.g. ...

Reference:

Ormer: A Manipulation-resistant and Gas-efficient Blockchain Pricing Oracle for DeFi
POSE: Practical Off-chain Smart Contract Execution
  • Citing Conference Paper
  • January 2023

... Functionality. Recent evaluations of various CFI defenses have highlighted compatibility issues that can compromise the intended functionality of the target application [64], [140]. Notably, the implementation approach in Lockdown [93] and OS-CFI [107] fails to correctly compile certain applications, e.g., nginx. ...

CFInsight: A Comprehensive Metric for CFI Policies
  • Citing Conference Paper
  • January 2022

... Due to the post-fabrication nature of the programming, an FPGA can provide economically feasible runtime processing, which has led to its increased utilization in various sectors, including automotive electronics, medical devices, the military, and consumer electronics [1,2]. Recently, FPGAs have found a place in large-scale cloud data centers [3,4] and flexible system-on-chips (SoCs) [5,6]. FPGAs, considered semi-custom circuits within the application-specific integrated circuit (ASIC) domain, offer distinct advantages over other programmable chips. ...

Trusted Configuration in Cloud FPGAs
  • Citing Conference Paper
  • May 2021

... In principle, existing grammar-aware strategies can be applied to AFLNET to improve the effectiveness of message mutation. Given a user-provided data model describing the message grammar, structure-aware blackbox protocol fuzzers [1], [20] generate valid messages from scratch, while structure-aware greybox fuzzers [3], [35] take a mutationbased approach. In contrast, CHATAFL [24] obtains the message structure information from the LLMs and then preserves valid message grammar during mutation. ...

NAUTILUS: Fishing for Deep Bugs with Grammars
  • Citing Conference Paper
  • January 2019

... Dentre os artigos selecionado, houveram 9 abordagens voltadas para o uso de cifras simétricas [17,16,15,11,2,10,3, 1] e 2 abordagems para cifras assimétricas [1,18]. Para o restante dos estudos não foi possível identificar. ...

SAFE: A Secure and Efficient Long-Term Distributed Storage System
  • Citing Conference Paper
  • October 2020

... For example, if accelerating the encode or decode of a particular audio or video codec, the implementation may change or be updated over time. Another major benefit is the ability to fix or patch security vulnerabilities which are discovered over time [8]. ...

With Great Complexity Comes Great Vulnerability: From Stand-Alone Fixes to Reconfigurable Security
  • Citing Article
  • June 2020

IEEE Security and Privacy Magazine

... SANCTUARY is a generic Trusted Execution Environment (TEE) solution that paves the road for protecting on-device ML models. Based on SANCTUARY, OMG [27] provides a prototype implementation of user-space enclaves to protect both client data and model privacy for TensorFlow Lite models. OMG can protect the whole model while lacking support for GPU acceleration and easy adaptation. ...

Offline Model Guard: Secure and Private ML on Mobile Devices
  • Citing Conference Paper
  • March 2020

... Interruptible enclave execution security has improved through techniques such as full abstraction, preventing side-channel vulnerabilities during processor feature additions [306]. Data location randomization breaks correlations between adversarial observations and actual memory access, providing a strong automated defense without developer intervention [307]. Lastly, integrating machine learning-based defenses anticipates and counters evolving machine learning-enhanced side-channel attacks [301]. ...

DR.SGX: automated and adjustable side-channel protection for SGX using data location randomization

... Duas abordagens são aplicáveis para promover a segurança e confiabilidade de medidores inteligentes: abordagem baseadas em software (BOCCARDO et al., 2014;PETERS et al., 2015;De Castro et al., 2017;; e abordagem baseada em hardware (NAGRA; COLLBERG, 2009;BRASSER et al., 2018). ...

Special Session: Advances and Throwbacks in Hardware-Assisted Security
  • Citing Conference Paper
  • September 2018

... With respect to related works [57][58][59][60][61][62][63], our classification method does not require any disassembly or execution of the actual malware code. Moreover, the image textures used for classification provide more resilient features in terms of obfuscation techniques, and in particular for encryption. ...

Advances and Throwbacks in Hardware-Assisted Security: Special Session
  • Citing Conference Paper
  • October 2018