|
1 | 1 | # Pythia |
2 | 2 | Pythia: Remote Oracles for the Masses |
| 3 | + |
| 4 | +Pythia is a set of RDMA-based remote side-channel attacks that allow an attacker on one client machine to learn how victims on other client machines access data a server exports as an in-memory data service. |
| 5 | + |
| 6 | +We reverse engineer the memory architecture of the most widely used RDMA NIC and use this knowledge to improve the efficiency of Pythia. |
| 7 | + |
| 8 | +We evaluated Pythia both in a laboratory and in a public cloud setting. Pythia is fast (57 us), accurate (97% accuracy), and can hide all its traces from the victim or the server. |
| 9 | + |
| 10 | +For more information please check [Pythia Paper](https://www.usenix.org/system/files/sec19-tsai.pdf) appeared in *USENIX SEC '19*. |
| 11 | + |
| 12 | +This version of Pythia has been tested for the following configuration: |
| 13 | + |
| 14 | +1. Software |
| 15 | + * OS: CentOS 7.2 |
| 16 | + * RDMA drivers: MLNX_OFED_LINUX-4.3-1.0.1.0 |
| 17 | +2. Hardware |
| 18 | + * RNICs: |
| 19 | + * ConnectX-4 (InfiniBand) |
| 20 | +3. Package (on CentOS7) |
| 21 | + * required packages: `memcached memcached-devel libmemcached libmemcached-devel numactl numactl-devel mbedtls mbedtls-devel glib2 glib2-devel ` |
| 22 | + * add the following two lines to the end of /etc/security/limits.conf |
| 23 | + * `* soft memlock unlimited` |
| 24 | + * `* hard memlock unlimited` |
| 25 | + |
| 26 | +## How To Run Pythia |
| 27 | + |
| 28 | +### Prerequisites |
| 29 | +1. Three machines connected via RDMA capable devices (server, victim, and attacker) |
| 30 | + |
| 31 | +### S1: Setup MEMCACHED |
| 32 | +Modify MEMCACHED_IP in rsec_base.h to server's IP |
| 33 | + |
| 34 | +### S2: Setup setup.json |
| 35 | +Modify setup.json to have correct device index and debug mode |
| 36 | + |
| 37 | +### S3: Compile Pythia |
| 38 | +make clean all |
| 39 | + |
| 40 | +### S4: Run server |
| 41 | +execute run_server.sh on server machine |
| 42 | + |
| 43 | +### S5: Run client |
| 44 | +execute run_client.sh on client machine |
| 45 | + |
| 46 | +### S6: Run attacher |
| 47 | +execute run_attacker.sh on attacker machine |
| 48 | + |
| 49 | +It will show you the Pythia line in figure 7 in the paper. |
| 50 | + |
| 51 | +### S7: CloudLab (optional) |
| 52 | +in CloudLab, please change ibsetup.h to enable RoCE since CloudLab is using RoCE |
| 53 | + |
| 54 | +CAUTION: cloudlab is using vlan for RoCE. Therefore, SGID is configured as 4. Please check https://community.mellanox.com/s/article/howto-configure-roce-on-connectx-4 for more details |
| 55 | + |
| 56 | +## History: |
| 57 | +`Pythia v0.1`: first opensource Pythia |
| 58 | + |
| 59 | +## To cite Pythia, please use: |
| 60 | + |
| 61 | +>\@inproceedings{USENIXSEC19-PYTHIA, |
| 62 | +> author = {Shin-Yeh Tsai and Mathias Payer and Yiying Zhang}, |
| 63 | +> title = {Pythia: Remote Oracles for the Masses}, |
| 64 | +> booktitle = {28th {USENIX} Security Symposium (Usenix SEC '19)}, |
| 65 | +> year = {2019}, |
| 66 | +> address = {Santa Clara, CA, USA}, |
| 67 | +> month = {August} |
| 68 | +>} |
| 69 | + |
0 commit comments