experiences in intel sgx research
play

Experiences in Intel SGX research Dongsu Han and Seongmin Kim KAIST - PowerPoint PPT Presentation

Experiences in Intel SGX research Dongsu Han and Seongmin Kim KAIST Joint work with: Changho Choi, Soham Desai*, Juhyeng Han, Jaehyung Ha, Prerit Jain*, JaeHyuk Lee, Youjung Shin, Brent Byounghoon Kang and Taesoo Kim* * APNet 2017 1 Trend 1:


  1. Experiences in Intel SGX research Dongsu Han and Seongmin Kim KAIST Joint work with: Changho Choi, Soham Desai*, Juhyeng Han, Jaehyung Ha, Prerit Jain*, JaeHyuk Lee, Youjung Shin, Brent Byounghoon Kang and Taesoo Kim* * APNet 2017 1

  2. Trend 1: Security and Privacy CriBcal Factors in Technology AdopBon • Demands for “security” and “privacy” are increasing – Widespread use of Transport Layer Security (TLS) – Popularity of anonymity networks (e.g., Tor) – Use of strong authenTcaTon/encrypTon in WiFi • ExpectaTon on security and privacy impacts design decisions: – OperaTng system (iOS, Android) – Apps/services (e.g., messenger, adblocker) – Network infrastructure (inter-domain SDN) APNet 2017 2

  3. Trend 1: Security and Privacy CriBcal Factors in Technology AdopBon • Demands for “security” and “privacy” are increasing – Widespread use of Transport Layer Security (TLS) – Popularity of anonymity networks (e.g., Tor) – Use of strong authenTcaTon/encrypTon in WiFi • ExpectaTon on security and privacy impacts design decisions: – OperaTng system (iOS, Android) – Apps/services (e.g., messenger, adblocker) – Network infrastructure (inter-domain SDN) APNet 2017 3

  4. Trend 2: CommodiBzaBon of Trusted ExecuBon Environment • Trusted ExecuTon Environment (TEE) – Isolated execuTon: integrity of code, confidenTality – Remote a_estaTon • CommodiTzaTon of TEE – Trusted Plaaorm Module (TPM) : Slow performance – ARM TrustZone : Only available for embedded devices The commoditization of TEE brings new – Intel Sodware Guard Extension (SGX) opportunities for networking. 1. NaTve performance 2. CompaTbility with x86 APNet 2017 4

  5. SGX : Isolated ExecuBon System Memory CPU Package Enclave Access from OS/VMM Memory Encrypted Snooping EncrypTon code/data Engine (MEE) • ApplicaTon keeps its data/code inside the “enclave” – Smallest a_ack surface by reducing TCB (App + processor) – Protect app’s secret from untrusted privilege sodware (e.g., OS, VMM) APNet 2017 5

  6. SGX : Remote ALestaBon Remote plaaorm Host plaaorm 1. Request Hash Target 2. Calculate Challenger Enclave MAC CMAC 3. Send MAC 6. Send signature QuoBng SGX CPU Enclave 4. Verify 5. Sign with group key [EPID] • A_est an applicaTon on remote plaaorm • Check the idenTty of enclave ( hash of code/data pages ) • Can establish a “secure channel” between enclaves APNet 2017 6

  7. SGX Research: Current Status and Challenges • SGX specificaTon released in 2013. – SGX available in Intel’s Skylake microarchitecture (2015) – Hardware and sodware implementaTons for SGX lag behind their specificaTons. SGX CPU and SDK is now available! But.. • SpecificaTon for SGX [revision 1 & 2] is not fully available on the SGX hardware (only funcTonaliTes in revision 1) Barriers to SGX research • SGX technology has a complex license model – Hard to obtain full license. APNet 2017 7

  8. Our work 1. Open-source emulator plaaorm for SGX research - OpenSGX [NDSS16] 2. What impact does SGX have on networking? - A first Step Towards Leveraging Commodity Trusted execuTon Environments for Network ApplicaTons [HotNets15] - Enhancing Security and Privacy of Tor’s Ecosystem by using Trusted ExecuTon Environment [NSDI17] - SGX-Box: Enabling Visibility on Encrypted Traffic using a Secure Middlebox Module [APNet17] 8

  9. Network ApplicaBons + TEE = ? • What impact does TEE have on networking? [HotNets15] TEE Enhanced security Network ApplicaBons New design space New funcBonality Intel SGX • Previous efforts: AdopTng TEE to cloud plaaorm – Haven [OSDI’14] : Protects applicaTons from an untrusted cloud – VC3 [S&P’15] : Trustworthy data analyTcs in the cloud 9

  10. Case Studies: Three ApplicaBons TEE Enhanced security Network ApplicaBons New design space New funcBonality Intel SGX 1. Network infrastructure: Sodware-defined inter- domain rouTng [HotNets2015] 2. Peer-to-peer systems: Tor anonymity network [NSDI2017] 3. Middlebox: Secure Middlebox [APNet2017] 10

  11. Our work 1. OpenSGX [NDSS16]: Open-source emulator plaaorm for SGX research 2. What impact does SGX have on networking? - A first Step Towards Leveraging Commodity Trusted execuTon Environments for Network ApplicaTons [HotNets15] - - Enhancing Security and Privacy of Tor’s Ecosystem by using Trusted ExecuTon Environment [NSDI17] - SGX-Box: Enabling Visibility on Encrypted Traffic using a Secure Middlebox Module [APNet17] 11

  12. Background: Enclave Life Cycle Virtual Address Space Physical Address Space 1. ECREATE Plaintext Create an enclave Code/Data Enclave 2. EADD Plaintext Code/Data Add pages Memory Code/Data Code/Data 3. EINIT (Untrusted) Code/Data Code/Data Finalize the enclave EPC 4. EENTER Plaintext Enters the enclave Code/Data 5. EEXIT Plaintext Code/Data Leaves the enclave ApplicaTon code 13

  13. OpenSGX: Design Goal • Offer a complete plaaorm for SGX research – To explore sodware and hardware design space of SGX – To develop and evaluate SGX-enabled applicaTons • Solve non-trivial issues on SGX sodware components – Support for system sodware and user-level APIs – Familiar programming model and interface – Secure design to defend against potenTal a_ack vectors (e.g., Iago a_acks) APNet 2017 13

  14. OpenSGX: Component Overview ü • Emulated SGX hardware • Enclave loader ü • Performance monitor • OS emulaTon layer ü • Enclave debugger • OpenSGX user library • OpenSGX toolchain Enclave Program SGX Libraries Enclave Enclave RunBme Debugger Trampoline loader library Stub Performance Monitor SGX OS EmulaBon OpenSGX toolchain SGX QEMU (HW emulaBon) APNet 2017 14

  15. OpenSGX: Approach • Using user-space emulaTon of QEMU – Binary translaTon to support SGX instrucTons – QEMU helper rouTne to implement complex instrucTons Host (single address space) QEMU Entry point EPC Code RIP enclu(){ Lib EPC Binary … … Helper rouTne asm(“.byte TranslaTon … 0x0f” EPC Data if(opcode == - Set registers “.byte … 0x01” 0x0f01d7) { - Operates “.byte EPC Stack 0xd7” SGX instrucBons EENTER helper_enclu(); EPC Heap “rax=entry” … } Enclave } Wrapper … 15

  16. Hardware EmulaBon • Emulates SGX data structures and SGX processor key • Enclave page cache (EPC) memory management – Direct mapping on virtual memory – Access protecTon: Instrument memory access … EPC_begin Case (Load | Store) { enclave_begin 1. Prohibit access from host to EPC enclave_end 2. Prohibit others enclaves’ EPC to current enclave’s EPC EPC_end } … Virtual address space QEMU’s translaTon rouTne 16

  17. InstrucBon Support • OpenSGX supports most instrucTons in the specificaTon – Except for debugging related instrucTons (e.g., EDBGRD) – Instead, it offers rich environment for debugging since it is a “ so_ware emulator ” (e.g., GDB stub) • Provides simple C APIs which wraps assembly code – User-level instrucTons (ENCLU) : accessible to user-level APIs – Super-level instrucTons (ENCLS) : Requires system support APNet 2017 17

  18. OS EmulaBon Layer • Emulate OS to execute the privileged SGX instrucTons • OS-neutral interface for: – Bootstrapping (EPC allocaTon) – Enclave iniTalizaTon & page translaTon – Dynamic EPC page allocaTon System call DescripBon sys_sgx_init() Allocate EPC memory region sys_init_enclave() Create an enclave, Add and measure EPC pages sys_add_epc() Allocates a new EPC page to the running enclave sys_stat_enclave() Obtains the enclave performance staTsTcs APNet 2017 18

  19. Narrow interface for SGX user lib: Trampoline and Stub “A strict and narrow interface to handle enclave-host communicaTon using shared data/code” Trampoline Lib Trampoline : Shared code to call <SpecificaBon> malloc(){ … … user-level APIs in the wrapper fcode : FUNC_MALLOC if (fcode == mcode : EAUG sgx_exit(tram); FUNC_MALLOC) size: 100 … alloc_tramp(); } … Code Stub … Stub : Shared data to specify the malloc(100); heap_end … funcBon code and arguments fcode FULL! mcode Heap Heap argument1 … (Shared) Wrapper Emulated OS Enclave 19

  20. Trampoline and Stub Interface “A strict and narrow interface to handle enclave-host communicaTon using shared data/code” Lib Trampoline User-level EEXIT APIs to request malloc(){ … if (fcode == … system calls sgx_exit(tram); … FUNC_MALLOC) alloc_tramp() { } Call EAUG alloc_tramp(); ERESUME … … int sys_add_epc() { sys_add_epc(); Code Stub encls(EAUG, …); … … heap_end+4K heap_end … } malloc(100); System … FUNC_MALLOC Call EAUG 100 Heap … (Shared) Wrapper Emulated OS Enclave 20

  21. OpenSGX: Usage Example • Similar to building a C program – Compile (Similar to gcc) – Sign (Using programmer’s key) – ExecuTon (Compiled enclave binary is loaded and executed) void enclave_main(){ 0x0000 Code char *hello = “hello sgx!\n”; enclave_main() EPC1 sgx_enclave_write(hello, strlen(hello)); sgx_exit(NULL); 0x1000 Data } EPC2 “hello sgx\n” $opensgx –c hello.c $ opensgx –s hello.sgx –key sign.key Entry point : $ opensgx hello.sgx hello.conf SigStruct: … hello sgx! APNet 2017 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend


More recommend