Tag-Isolated Memory Bringing Fine-grained Enclaves to RISC-V

SLIDE 1

SCIENCE TECHNOLOGY PASSION
NDSS’19, San Diego
www.iaik.tugraz.at

Tag-Isolated Memory Bringing Fine-grained Enclaves to RISC-V

Samuel Weiser∗ Mario Werner∗ Ferdinand Brasser† Maja Malenko∗ Stefan Mangard∗ Ahmad Sadeghi†

∗Graz University of Technology †TU Darmstadt

SLIDE 10

TIMBER-V

Motivation

  • Goal: Protect sensitive code and data from malicious software
  • Intel SGX is cool, but
  • Closed ISA, microarchitecture
  • Hardware backdoors? [8]
  • RISC-V is completely open
  • Bring SGX features to embedded RISC-V (embedded = ARM Cortex-M)

[Figure labels: App, OS, Hypervisor, Enclave; App, OS, Hypervisor]

Samuel Weiser NDSS’19, San Diego www.iaik.tugraz.at

SLIDE 16

Background: Enclaves

  • Secure execution
  • Protect against all other software
  • Malicious app
  • Malicious OS
  • Malicious hypervisor
  • Malicious enclaves
  • Minimal trust (enclave + HW)

[Figure labels: Enclave, App, OS, Hypervisor, Enclave, App]

SLIDE 18

Related Work - Secure Execution

  • “Large”: Sanctum (RISC-V) [2]
  • “Embedded”: [3, 4, 7, 1, 9]
  • RISC-V: MultiZone [5], Keystone [6]

Problems

  • Inflexible isolation boundaries
  • Memory fragmentation

SLIDE 25

Problem: Memory Fragmentation

[Figure labels: Physical memory; Process A (App, Enclave), Process B (App, Enclave), Process C (App, Enclave); X; Data, Stack (four times)]

  • Bad memory utilization

SLIDE 28

Problem: Memory Fragmentation

[Figure labels: Process A (App, Enclave), Process B (App, Enclave), Process C (App, Enclave); Data, Stack (three times)]

  • Bad memory utilization
  • We want to interleave memory → Stack sharing

SLIDE 31

Contributions

  • TIMBER-V: Enclaves from tagged memory for embedded RISC-V
  • Novel stack sharing
  • Fast shared enclave memory
  • ...
  • Proof-of-concept

[Figure labels: App, Shared stack, Enclave]

SLIDE 32

TIMBER-V Overview

SLIDE 39

Enclave building blocks:

  • Memory isolation
  • Entry points
  • Attestation, sealing
  • Inter-enclave communication

SLIDE 40

Traditional Memory Protection Unit (MPU)

[Figure label: Physical Memory]

  • MPU regions define application
  • Problem: inflexible

SLIDE 43

Tagged Memory

[Figure labels: Physical Memory; Memory tags →]

  • Memory tags define applications
  • Problem: high memory overhead

SLIDE 45

TIMBER-V: MPU + Tagged Memory

  • MPU region defines application
  • Application cannot escape

SLIDE 47

TIMBER-V: MPU + Tagged Memory

  • Memory tag defines enclave
  • Memory tag defines TagRoot

SLIDE 50

TIMBER-V Tag Isolation

  • Normal memory
  • Cannot access others

[Figure label: Normal]

SLIDE 55

TIMBER-V Tag Isolation

  • Trusted User memory (enclaves)
  • Can access and update normal memory

[Figure labels: Normal, Trusted User]

SLIDE 60

TIMBER-V Tag Isolation

  • Trusted Supervisor memory (TagRoot)
  • Can access and update any tag

[Figure labels: Normal, Trusted User, Trusted Supervisor]

SLIDE 61

TIMBER-V Memory Isolation

SLIDE 66

TIMBER-V Entry Points

  • Enter only at Trusted Callable
  • Zero runtime overhead (ordinary jmp)

[Figure labels: Normal, Trusted User, Trusted Supervisor, Trusted Callable]

SLIDE 68

TIMBER-V Entry Points

  • Four tags → two tag bits only
  • For 32-bit system +6.25% memory overhead

[Figure labels: Normal, Trusted User, Trusted Supervisor, Trusted Callable]

SLIDE 75

TIMBER-V TagRoot

  • Root of trust in privileged software
  • Supports SGX and TrustZone model
  • Enclave management
  • Inter-enclave communication
  • Fast shared memory
  • Mutual authentication
  • Implicit local attestation
  • Sealing (like SGX)

SLIDE 91

Novel Stack Sharing

Application:
    store XXX
    jmp e
    ...
a:  store YYY
    store ZZZ
Application code tags: N N N N N

Stack (value, tag): XXX (N), KEY (TU), KEY (TU), YYY (N), ZZZ (N)

Enclave:
e:  store KEY
    store KEY
    jmp a
    ...
Enclave code tags: TU TC TU TU TU

  • Single stack shared between application and enclave ...
  • ... and between TagRoot!
  • Heap sharing quite similar

SLIDE 92

Key Insights

  • Build enclaves with tagged memory
  • Fine granularity and high flexibility
  • Combination with MPU allows tiny 2-bit tags
  • Reduced memory fragmentation
  • Shared stacks, heaps ...

SLIDE 93

Proof-of-Concept

  • Integration in ISA simulator (Spike)
  • Full TagRoot implementation
  • FreeRTOS integration
  • GNU GCC support
  • Benchmarks (CoreMark, BEEBS)
  • Open source: github.com/IAIK/timber-v

SLIDE 95

Bonus: New Instructions

        RISC-V     TIMBER-V       Arguments
Load    lb, lbu    lbct, lbuct    etag          ← check for expected memory tag
        lh, lhu    lhct, lhuct    etag            (fault on mismatch)
        lw         lwct           etag
                   ltt            etag          ← load and test tag w.o. fault
Store   sb         sbct           etag, ntag    ← also store new memory tag
        sh         shct           etag, ntag
        sw         swct           etag, ntag
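
A small C model of the tag isolation rules, the Trusted Callable entry check and the checked load/store instructions from the slides, replaying the shared-stack sequence. This is an added example, not code from the TIMBER-V project; the tag encoding, the domain names, the retag rules in `may_set`, and the sample values are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Tag names come from the slides; the numeric encoding is an assumption. */
enum tag { TAG_N, TAG_TC, TAG_TU, TAG_TS };
enum domain { DOM_N, DOM_TU, DOM_TS };  /* executing domain (model-only) */

#define WORDS 8
struct tmem { uint32_t word[WORDS]; enum tag tag[WORDS]; };

/* Data access: normal code reaches only N words, enclave (TU) code also
 * reaches N words, TagRoot (TS) reaches every tag. Letting TU code touch
 * TC words is an assumption of this model. */
static bool may_access(enum domain d, enum tag t) {
    if (d == DOM_TS) return true;
    if (d == DOM_TU) return t != TAG_TS;
    return t == TAG_N;
}

/* New tag a store may write. Assumption: enclaves retag only between N
 * and TU, and normal code can never create a trusted tag. */
static bool may_set(enum domain d, enum tag ntag) {
    if (d == DOM_TS) return true;
    if (d == DOM_TU) return ntag == TAG_N || ntag == TAG_TU;
    return ntag == TAG_N;
}

/* Entry points: normal code may jump into trusted code only at TC. */
static bool may_enter(enum domain from, enum tag target) {
    return from != DOM_N || target == TAG_N || target == TAG_TC;
}

/* lwct etag: checked load; returning false models the fault. */
static bool lwct(const struct tmem *m, enum domain d, size_t i,
                 enum tag etag, uint32_t *out) {
    if (i >= WORDS || !may_access(d, m->tag[i]) || m->tag[i] != etag)
        return false;
    *out = m->word[i];
    return true;
}

/* swct etag,ntag: checked store that also writes the new memory tag. */
static bool swct(struct tmem *m, enum domain d, size_t i, enum tag etag,
                 enum tag ntag, uint32_t v) {
    if (i >= WORDS || !may_access(d, m->tag[i]) || m->tag[i] != etag ||
        !may_set(d, ntag))
        return false;
    m->word[i] = v;
    m->tag[i] = ntag;
    return true;
}

/* Replays the stack-sharing slide. Result bits: 0 legitimate stores all
 * succeeded, 1 entry at TC allowed, 2 entry at TU refused, 3 app read of
 * KEY faulted, 4 app overwrite of KEY faulted, 5 app forging TU faulted. */
int replay_shared_stack(struct tmem *m) {
    const uint32_t KEY = 0x4b45594bu;  /* constructed sample value */
    uint32_t leak = 0; int r = 0;
    for (size_t i = 0; i < WORDS; i++) { m->word[i] = 0; m->tag[i] = TAG_N; }
    bool ok = swct(m, DOM_N, 0, TAG_N, TAG_N, 0x58u);    /* store XXX    */
    if (may_enter(DOM_N, TAG_TC)) r |= 1 << 1;           /* jmp e        */
    if (!may_enter(DOM_N, TAG_TU)) r |= 1 << 2;          /* jump past e  */
    ok = ok && swct(m, DOM_TU, 1, TAG_N, TAG_TU, KEY);   /* store KEY    */
    ok = ok && swct(m, DOM_TU, 2, TAG_N, TAG_TU, KEY);   /* store KEY    */
    ok = ok && swct(m, DOM_N, 3, TAG_N, TAG_N, 0x59u);   /* a: store YYY */
    ok = ok && swct(m, DOM_N, 4, TAG_N, TAG_N, 0x5au);   /* store ZZZ    */
    if (ok) r |= 1 << 0;
    if (!lwct(m, DOM_N, 1, TAG_N, &leak) && leak == 0) r |= 1 << 3;
    if (!swct(m, DOM_N, 2, TAG_TU, TAG_N, 0)) r |= 1 << 4;
    if (!swct(m, DOM_N, 5, TAG_N, TAG_TU, 1)) r |= 1 << 5;
    return r;
}
```

After the replay the stack tags read N, TU, TU, N, N, matching the final stack-sharing slide: the application keeps using the same stack but every access it makes to the two KEY words fails the tag check.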

SLIDE 96

Bonus: TIMBER-V Overhead Estimate

Average overhead: 25.2% vs 2.6% (with caching of tags)

[Figure: runtime overhead (%) for each benchmark and the geometric mean; series: Optimized, Unoptimized]

SLIDE 97

References

[1] Franz Ferdinand Brasser, Brahim El Mahjoub, Ahmad-Reza Sadeghi, Christian Wachsmann, and Patrick Koeberl. “TyTAN: tiny trust anchor for tiny devices”. In: Design Automation Conference – DAC’15. ACM, 2015, 34:1–34:6. ISBN: 978-1-4503-3520-1.
[2] Victor Costan, Ilia A. Lebedev, and Srinivas Devadas. “Sanctum: Minimal Hardware Extensions for Strong Software Isolation”. In: USENIX Security’16. USENIX Association, 2016, pp. 857–874.
[3] Karim Eldefrawy, Gene Tsudik, Aurélien Francillon, and Daniele Perito. “SMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust”. In: Network and Distributed System Security Symposium – NDSS’12. The Internet Society, 2012.
[4] Johannes Götzfried, Tilo Müller, Ruan de Clercq, Pieter Maene, Felix C. Freiling, and Ingrid Verbauwhede. “Soteria: Offline Software Protection within Low-cost Embedded Devices”. In: Annual Computer Security Applications Conference – ACSAC’15. ACM, 2015, pp. 241–250. ISBN: 978-1-4503-3682-6.
[5] Hex-Five MultiZone Security - the First Trusted Execution Environment (TEE) For RISC-V. https://hex-five.com/products/ (Accessed 2018/12/10). 2018.
[6] Keystone: Open-source Secure Hardware Enclave. https://keystone-enclave.org/ (Accessed 2018/12/10). 2018.
[7] Patrick Koeberl, Steffen Schulz, Ahmad-Reza Sadeghi, and Vijay Varadharajan. “TrustLite: a security architecture for tiny embedded devices”. In: European Conference on Computer Systems – EUROSYS’14. ACM, 2014, 10:1–10:14. ISBN: 978-1-4503-2704-6.
[8] Joanna Rutkowska. Thoughts on Intel’s upcoming Software Guard Extensions (Part 2). http://theinvisiblethings.blogspot.co.at/2013/09/thoughts-on-intels-upcoming-software.html. (Accessed 2016/10/20). Sept. 2013.
[9] TrustZone Technology for ARMv8-M Architecture. Ref. no. 100690 0200 00 en. https://static.docs.arm.com/100690/0200/armv8m_trustzone_technology_100690_0200.pdf. (Accessed 2018/11/22). 2017.