2,084 research outputs found
SGX-Bundler: speeding up enclave transitions for IO-intensive applications
Process-based confidential computing enclaves such as Intel SGX can be used to protect the confidentiality and integrity of workloads, without the overhead of virtualisation. However, they introduce a notable performance overhead, especially when it comes to transitions in and out of the enclave context. Such overhead makes the use of enclaves impractical for running IO-intensive applications, such as network packet processing or biological sequence analysis. We build on earlier approaches to improve the IO performance of work-loads in Intel SGX enclaves and propose the SGX-Bundler library, which helps reduce the cost of both individual single enclave transitions well as of the total number of enclave transitions in trusted applications running in Intel SGX enclaves. We describe the implementation of the SGX-Bundler library, evaluate its performance and demonstrate its practicality using the case study of Open vSwitch, a widely used software switch implementation
Strongly Secure and Efficient Data Shuffle On Hardware Enclaves
Mitigating memory-access attacks on the Intel SGX architecture is an
important and open research problem. A natural notion of the mitigation is
cache-miss obliviousness which requires the cache-misses emitted during an
enclave execution are oblivious to sensitive data. This work realizes the
cache-miss obliviousness for the computation of data shuffling. The proposed
approach is to software-engineer the oblivious algorithm of Melbourne shuffle
on the Intel SGX/TSX architecture, where the Transaction Synchronization
eXtension (TSX) is (ab)used to detect the occurrence of cache misses. In the
system building, we propose software techniques to prefetch memory data prior
to the TSX transaction to defend the physical bus-tapping attacks. Our
evaluation based on real implementation shows that our system achieves superior
performance and lower transaction abort rate than the related work in the
existing literature.Comment: Systex'1
Faster enclave transitions for IO-intensive network applications
Process-based confidential computing enclaves such as Intel SGX have been proposed for protecting the confidentiality and integrity of network applications, without the overhead of virtualization. However, these solutions introduce other types of overhead, particularly the cost transitioning in and out of an enclave context. This makes the use of enclaves impractical for running IO-intensive applications, such as network packet processing. We build on ear- lier approaches to improve the IO performance of workloads in Intel SGX enclaves and propose the HotCall-Bundler library that helps reduce the cost of individual single enclave transitions and the total number of enclave transitions in trusted applications running in Intel SGX enclaves. We describe the implementation of the HotCall-Bundler library, evaluate its performance and demonstrate its practicality using the case study of Open vSwitch, a widely used software switch implementation
Secure Cloud Storage with Client-Side Encryption Using a Trusted Execution Environment
With the evolution of computer systems, the amount of sensitive data to be
stored as well as the number of threats on these data grow up, making the data
confidentiality increasingly important to computer users. Currently, with
devices always connected to the Internet, the use of cloud data storage
services has become practical and common, allowing quick access to such data
wherever the user is. Such practicality brings with it a concern, precisely the
confidentiality of the data which is delivered to third parties for storage. In
the home environment, disk encryption tools have gained special attention from
users, being used on personal computers and also having native options in some
smartphone operating systems. The present work uses the data sealing, feature
provided by the Intel Software Guard Extensions (Intel SGX) technology, for
file encryption. A virtual file system is created in which applications can
store their data, keeping the security guarantees provided by the Intel SGX
technology, before send the data to a storage provider. This way, even if the
storage provider is compromised, the data are safe. To validate the proposal,
the Cryptomator software, which is a free client-side encryption tool for cloud
files, was integrated with an Intel SGX application (enclave) for data sealing.
The results demonstrate that the solution is feasible, in terms of performance
and security, and can be expanded and refined for practical use and integration
with cloud synchronization services
Mitigating Branch-Shadowing Attacks on Intel SGX using Control Flow Randomization
Intel Software Guard Extensions (SGX) is a promising hardware-based
technology for protecting sensitive computations from potentially compromised
system software. However, recent research has shown that SGX is vulnerable to
branch-shadowing -- a side channel attack that leaks the fine-grained (branch
granularity) control flow of an enclave (SGX protected code), potentially
revealing sensitive data to the attacker. The previously-proposed defense
mechanism, called Zigzagger, attempted to hide the control flow, but has been
shown to be ineffective if the attacker can single-step through the enclave
using the recent SGX-Step framework.
Taking into account these stronger attacker capabilities, we propose a new
defense against branch-shadowing, based on control flow randomization. Our
scheme is inspired by Zigzagger, but provides quantifiable security guarantees
with respect to a tunable security parameter. Specifically, we eliminate
conditional branches and hide the targets of unconditional branches using a
combination of compile-time modifications and run-time code randomization.
We evaluated the performance of our approach by measuring the run-time
overhead of ten benchmark programs of SGX-Nbench in SGX environment
Stress-SGX: Load and Stress your Enclaves for Fun and Profit
The latest generation of Intel processors supports Software Guard Extensions
(SGX), a set of instructions that implements a Trusted Execution Environment
(TEE) right inside the CPU, by means of so-called enclaves. This paper presents
Stress-SGX, an easy-to-use stress-test tool to evaluate the performance of
SGX-enabled nodes. We build on top of the popular Stress-NG tool, while only
keeping the workload injectors (stressors) that are meaningful in the SGX
context. We report on several insights and lessons learned about porting legacy
code to run inside an SGX enclave, as well as the limitations introduced by
this process. Finally, we use Stress-SGX to conduct a study comparing the
performance of different SGX-enabled machines.Comment: European Commission Project: LEGaTO - Low Energy Toolset for
Heterogeneous Computing (EC-H2020-780681
SGX Switchless Calls Made Configless
Intel's software guard extensions (SGX) provide hardware enclaves to
guarantee confidentiality and integrity for sensitive code and data. However,
systems leveraging such security mechanisms must often pay high performance
overheads. A major source of this overhead is SGX enclave transitions which
induce expensive cross-enclave context switches. The Intel SGX SDK mitigates
this with a switchless call mechanism for transitionless cross-enclave calls
using worker threads. Intel's SGX switchless call implementation improves
performance but provides limited flexibility: developers need to statically fix
the system configuration at build time, which is error-prone and
misconfigurations lead to performance degradations and waste of CPU resources.
ZC-SWITCHLESS is a configless and efficient technique to drive the execution of
SGX switchless calls. Its dynamic approach optimises the total switchless
worker threads at runtime to minimise CPU waste. The experimental evaluation
shows that ZC-SWITCHLESS obviates the performance penalty of misconfigured
switchless systems while minimising CPU waste.Comment: 10 pages, 53rd Annual IEEE/IFIP International Conference on
Dependable Systems and Networks (DSN
Systems Support for Trusted Execution Environments
Cloud computing has become a default choice for data processing by both large corporations and individuals due to its economy of scale and ease of system management. However, the question of trust and trustoworthy computing inside the Cloud environments has been long neglected in practice and further exacerbated by the proliferation of AI and its use for processing of sensitive user data. Attempts to implement the mechanisms for trustworthy computing in the cloud have previously remained theoretical due to lack of hardware primitives in the commodity CPUs, while a combination of Secure Boot, TPMs, and virtualization has seen only limited adoption. The situation has changed in 2016, when Intel introduced the Software Guard Extensions (SGX) and its enclaves to the x86 ISA CPUs: for the first time, it became possible to build trustworthy applications relying on a commonly available technology. However, Intel SGX posed challenges to the practitioners who discovered the limitations of this technology, from the limited support of legacy applications and integration of SGX enclaves into the existing system, to the performance bottlenecks on communication, startup, and memory utilization. In this thesis, our goal is enable trustworthy computing in the cloud by relying on the imperfect SGX promitives. To this end, we develop and evaluate solutions to issues stemming from limited systems support of Intel SGX: we investigate the mechanisms for runtime support of POSIX applications with SCONE, an efficient SGX runtime library developed with performance limitations of SGX in mind. We further develop this topic with FFQ, which is a concurrent queue for SCONE's asynchronous system call interface. ShieldBox is our study of interplay of kernel bypass and trusted execution technologies for NFV, which also tackles the problem of low-latency clocks inside enclave. The two last systems, Clemmys and T-Lease are built on a more recent SGXv2 ISA extension. In Clemmys, SGXv2 allows us to significantly reduce the startup time of SGX-enabled functions inside a Function-as-a-Service platform. Finally, in T-Lease we solve the problem of trusted time by introducing a trusted lease primitive for distributed systems. We perform evaluation of all of these systems and prove that they can be practically utilized in existing systems with minimal overhead, and can be combined with both legacy systems and other SGX-based solutions. In the course of the thesis, we enable trusted computing for individual applications, high-performance network functions, and distributed computing framework, making a <vision of trusted cloud computing a reality
SGXTuner: Performance Enhancement of Intel SGX Applications via Stochastic Optimization
Intel SGX has started to be widely adopted. Cloud providers (Microsoft Azure, IBM Cloud, Alibaba Cloud) are offering new solutions, implementing data-in-use protection via SGX. A major challenge faced by both academia and industry is providing transparent SGX support to legacy applications. The approach with the highest consensus is linking the target software with SGX-extended libc libraries. Unfortunately, the increased security entails a dramatic performance penalty, which is mainly due to the intrinsic overhead of context switches, and the limited size of protected memory. Performance optimization is non-trivial since it depends on key parameters whose manual tuning is a very long process. We present the architecture of an automated tool, called SGXTuner, which is able to find the best setting of SGX-extended libc library parameters, by iteratively adjusting such parameters based on continuous monitoring of performance data. The tool is to a large extent algorithm agnostic. We decided to base the current implementation on a particular type of stochastic optimization algorithm, specifically Simulated Annealing. A massive experimental campaign was conducted on a relevant case study. Three client-server applications Memcached, Redis, and Apache were compiled with SCONE's sgx-musl and tuned for best performance. Results demonstrate the effectiveness of SGXTuner
- …