SLIDE 1
Security and confidential computing
axel simon
- ffice of the CTO
enarx.io
Security and confidential computing axel simon office of the CTO - - PowerPoint PPT Presentation
Security and confidential computing axel simon office of the CTO - - PowerPoint PPT Presentation
Security and confidential computing axel simon office of the CTO enarx.io The Problem The Need for Confidentiality and Integrity Banking & Finance Government & Public Sector Telco IoT HIPAA GDPR
SLIDE 2
SLIDE 3
The Need for Confidentiality and Integrity
- Banking & Finance
- Government & Public Sector
- Telco
- IoT
- HIPAA
- GDPR
- Sensitive enterprise functions
- Defense
- Human Rights NGOs
- ...
SLIDE 4
Virtualization Stack
Middleware Userspace Kernel Firmware Hypervisor BIOS | EFI CPU | Management Engine Bootloader Application
SLIDE 5
Container Stack
Middleware Userspace Container Engine Firmware Bootloader BIOS | EFI CPU | Management Engine Hypervisor Kernel Application
SLIDE 6
Virtualization Stack
as seen by xkcd (xkcd.com/2166)
SLIDE 7
Trusted Execution Environments
SLIDE 8
What’s a TEE?
Middleware Userspace Kernel Firmware Hypervisor BIOS | EFI CPU | Management Engine Bootloader Application
TEE
SLIDE 9
What’s a TEE?
Middleware Userspace Kernel Firmware Hypervisor BIOS | EFI CPU | Management Engine Bootloader Application
TEE Only the CPU has access
SLIDE 10
What’s a TEE?
Middleware Userspace Kernel Firmware Hypervisor BIOS | EFI CPU | Management Engine Bootloader Application
TEE Only the CPU has access What happens when
- ther layers try to
access?
SLIDE 11
What’s a TEE?
Middleware Userspace Kernel Firmware Hypervisor BIOS | EFI CPU | Management Engine Bootloader Application
TEE Only the CPU has access What happens when
- ther layers try to
access? Blocked by CPU
SLIDE 12
Trusted Execution Environments
TEE TEE is a protected area within the host, for execution of sensitive workloads Host
SLIDE 13
TEE provides:
- Memory Confidentiality
- Integrity Protection
- General compute
- HWRNG
Trusted Execution Environments
TEE TEE is a protected area within the host, for execution of sensitive workloads Host
SLIDE 14
TEE provides:
- Memory Confidentiality
- Integrity Protection
- General compute
- HWRNG
Trusted Execution Environments
TEE Host
- Q. “But how do I know that it’s a
valid TEE?” Tenant
SLIDE 15
TEE provides:
- Memory Confidentiality
- Integrity Protection
- General compute
- HWRNG
Trusted Execution Summary
Tenant TEE
- Q. “But how do I know that it’s a
valid TEE?”
- A. Attestation
Host Attestation
SLIDE 16
TEE provides:
- Memory Confidentiality
- Integrity Protection
- General compute
- HWRNG
Trusted Execution Summary
Tenant TEE Attestation Attestation includes:
- Diffie-Hellman Public Key
- Hardware Root of Trust
- TEE Measurement
Code + Data (Encrypted) Host
SLIDE 17
Trusted Execution Models
- 1. Attestation is discussed here: https://patents.google.com/patent/US20190042463A1/en?oq=20190042463
Process-Based
- Intel SGX (not upstream)
- RISC-V Sanctum (no hardware)
VM-Based
- AMD SEV
- IBM PEF (no hardware)
- Intel MKTME (no attestation¹)
Not a TEE: TrustZone, TPM
SLIDE 18
Trusted Execution: Process-Based
PROS
- Access to system APIs from Keep
CONS
- Unfiltered system API calls from Keep
- Application redesign required
- Untested security boundary
- Fantastic for malware
- Lock-in
SLIDE 19
Trusted Execution: Virtual Machine-Based
PROS
- Strengthening of existing boundary
- Run application on existing stacks
- Bidirectional isolation
- Limits malware
CONS
- Hardware emulation
- Heavy weight for microservices
- CPU architecture lock-in
- Duplicated kernel pages
- Host-provided BIOS
SLIDE 20
Introducing Enarx
SLIDE 21
The Enarx 5-bullet overview
- Uses TEEs (SGX, SEV, etc.) for confidential workloads
SLIDE 22
The Enarx 5-bullet overview
- Uses TEEs (SGX, SEV, etc.) for confidential workloads
- Easy development and deployment using Wasm
SLIDE 23
The Enarx 5-bullet overview
- Uses TEEs (SGX, SEV, etc.) for confidential workloads
- Easy development and deployment using Wasm
- Strong security design principles
SLIDE 24
The Enarx 5-bullet overview
- Uses TEEs (SGX, SEV, etc.) for confidential workloads
- Easy development and deployment using Wasm
- Strong security design principles
- Cloud-native → Openshift, kubernetes
SLIDE 25
The Enarx 5-bullet overview
- Uses TEEs (SGX, SEV, etc.) for confidential workloads
- Easy development and deployment using Wasm
- Strong security design principles
- Cloud-native → Openshift, kubernetes
- Open source: project, not production-ready (yet)
SLIDE 26
Where do we want to be?
Enarx
SLIDE 27
What’s the full picture?
27
Enarx Keep “Server” “Client” Tenant
Attestation handshake Workload delivery (encrypted)
Host
CPU + firmware Workload runs
SLIDE 28
Enarx Architecture
VM-Based Keep Process-Based Keep SGX Sanctum SEV PEF WebAssembly WASI Language Bindings (libc, etc.)
W3C standards
Application MKTME
SLIDE 29
Enarx Architecture
VM-Based Keep Process-Based Keep SGX SEV WebAssembly WASI Language Bindings (libc, etc.)
W3C standards
Application Intel AMD
SLIDE 30
Breaking things down with SGX
Process-Based Keep SGX Application
SLIDE 31
Breaking things down with SGX
Process-Based Keep Application SGX
SLIDE 32
Breaking things down with SGX
Process-Based Keep SGX Application
SLIDE 33
CONFIDENTIAL Designator
SGX demo
SLIDE 34
Breaking things down with SEV
VM-Based Keep SEV Application
SLIDE 35
Breaking things down with SEV
VM-Based Keep SEV Application
SLIDE 36
Breaking things down with SEV
VM-Based Keep SEV Application
SLIDE 37
CONFIDENTIAL Designator
SEV demo
SLIDE 38
Where we’d like to be
VM-Based Keep SEV Process-Based Keep SGX Application
SLIDE 39
Where we’d like to be
VM-Based Keep SEV Process-Based Keep SGX Application
SLIDE 40
Where we’d like to be
VM-Based Keep SEV Process-Based Keep SGX Application Application Same binary
SLIDE 41
Where we’d like to be Where we are
VM-Based Keep SEV Process-Based Keep SGX Application Application Same binary
SLIDE 42
CONFIDENTIAL Designator
SLIDE 43
CONFIDENTIAL Designator
SLIDE 44
Layers - process-based Keep
Trusted via Measurement Root of Trust Distrusted CPU (Intel) Kernel Loader Shim WASM (JIT) WASI Application Enarx
Silicon architecture-dependent
Enarx Keep
Silicon architecture-dependent
SLIDE 45
Layers (now) - process-based Keep
CPU (Intel) Kernel Loader Shim Application Enarx
SLIDE 46
Layers - VM-based Keep
Trusted via Measurement Root of Trust Distrusted CPU (AMD) Kernel Loader (VMM) Shim WASM (JIT) WASI Application Enarx
Silicon architecture-dependent
Enarx Keep
Silicon architecture-dependent
SLIDE 47
Layers (now) - process-based Keep
CPU (AMD) Kernel Loader (VMM) Shim Application Enarx
SLIDE 48
Where we’d like to be Where we are
Same binary CPU (AMD) Kernel Loader (VMM) Shim ELF static-PIE binary Enarx Kernel Loader Shim CPU (Intel) ELF static-PIE binary Enarx
SLIDE 49
Where we’d like to be next
One binary CPU (AMD) Kernel Loader (VMM) Shim Enarx Kernel Loader Shim CPU (Intel) Wasm binary WASM (JIT) WASI Enarx
SLIDE 50
We are an open project
50
- Code
- Wiki
- Design
- Issues & PRs
- Chat
- CI/CD resources
- Stand-ups
- Diversity
✓ GitHub ✓ GitHub ✓ GitHub ✓ GitHub ✓ Rocket.Chat (Thank you!) ✓ Packet.io (Thank you!) ✓ Open to all ✓ Contributor Covenant CofC
SLIDE 51
We Need Your Help!
51
Website: https://enarx.io Code: https://github.com/enarx License: Apache 2.0 Language: Rust
Daily stand-ups open to all! Check the website wiki for details.
SLIDE 52
We Need Your Help!
52
Website: https://enarx.io Code: https://github.com/enarx License: Apache 2.0 Language: Rust
Daily stand-ups open to all! Check the website wiki for details.
SLIDE 53
Questions?
https://enarx.io