SGXBOUNDS: Memory Safety for Shielded Execution
Dmitrii Kuvaiskii,Oleksii Oleksenko,Sergei Arnautov,Bohdan Trach,Pramod Bhatotia,Pascal Felber,Christof Fetzer +6 more
- pp 205-221
Reads0
Chats0
TLDR
SGXBounds is an efficient memory-safety approach for shielded execution exploiting the architectural features of Intel SGX based on the LLVM compiler framework targeting unmodified multithreaded applications and has performance and memory overheads similar to AddressSanitizer and Intel MPX.Abstract:
Shielded execution based on Intel SGX provides strong security guarantees for legacy applications running on untrusted platforms. However, memory safety attacks such as Heartbleed can render the confidentiality and integrity properties of shielded execution completely ineffective. To prevent these attacks, the state-of-the-art memory-safety approaches can be used in the context of shielded execution.In this work, we first showcase that two prominent software- and hardware-based defenses, AddressSanitizer and Intel MPX respectively, are impractical for shielded execution due to high performance and memory overheads. This motivated our design of SGXBounds---an efficient memory-safety approach for shielded execution exploiting the architectural features of Intel SGX. Our design is based on a simple combination of tagged pointers and compact memory layout.We implemented SGXBounds based on the LLVM compiler framework targeting unmodified multithreaded applications. Our evaluation using Phoenix, PARSEC, and RIPE benchmark suites shows that SGXBounds has performance and memory overheads of 17% and 0.1% respectively, while providing security guarantees similar to AddressSanitizer and Intel MPX. We have obtained similar results with SPEC CPU2006 and four real-world case studies: SQLite, Memcached, Apache, and Nginx.read more
Citations
More filters
Proceedings Article
Graphene-SGX: a practical library OS for unmodified applications on SGX
TL;DR: This paper presents a port of Graphene to SGX, as well as a number of improvements to make the security benefits of SGX more usable, such as integrity support for dynamically-loaded libraries, and secure multiprocess support.
Proceedings ArticleDOI
Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contract Execution
Raymond Cheng,Fan Zhang,Jernej Kos,Warren He,Nicholas Hynes,Noah M. Johnson,Ari Juels,Andrew Miller,Dawn Song +8 more
TL;DR: Ekiden as mentioned in this paper is a system that combines blockchains with Trusted Execution Environments (TEEs), and leverages a novel architecture that separates consensus from execution, enabling efficient TEE-backed confidentiality-preserving smart-contracts and high scalability.
Proceedings ArticleDOI
SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution
TL;DR: SgxPectre attacks as mentioned in this paper exploit the recently disclosed CPU bugs to subvert the confidentiality and integrity of SGX enclaves by modifying the control flow of enclave programs to execute instructions that lead to observable cache-state changes.
Posted Content
SgxPectre Attacks: Leaking Enclave Secrets via Speculative Execution.
TL;DR: SgxPectre Attacks that exploit the recently disclosed CPU bugs to subvert the confidentiality of SGX enclaves are presented and it is shown that when branch prediction of the enclave code can be influenced by programs outside the enclave, the control flow can be temporarily altered to execute instructions that lead to observable cache-state changes.
Proceedings ArticleDOI
SoK: Sanitizing for Security
Dokyung Song,Julian Lettner,Prabhu Rajasekaran,Yeoul Na,Stijn Volckaert,Per Larsen,Michael Franz +6 more
TL;DR: This work provides a systematic overview of sanitizers with an emphasis on their role in finding security issues, taxonomize the available tools and the security vulnerabilities they cover, describe their performance and compatibility properties, and highlight various trade-offs.
References
More filters
Proceedings ArticleDOI
LLVM: a compilation framework for lifelong program analysis & transformation
Chris Lattner,Vikram Adve +1 more
TL;DR: The design of the LLVM representation and compiler framework is evaluated in three ways: the size and effectiveness of the representation, including the type information it provides; compiler performance for several interprocedural problems; and illustrative examples of the benefits LLVM provides for several challenging compiler problems.
Proceedings ArticleDOI
Valgrind: a framework for heavyweight dynamic binary instrumentation
TL;DR: Valgrind is described, a DBI framework designed for building heavyweight DBA tools that can be used to build more interesting, heavyweight tools that are difficult or impossible to build with other DBI frameworks such as Pin and DynamoRIO.
Journal ArticleDOI
SPEC CPU2006 benchmark descriptions
TL;DR: On August 24, 2006, the Standard Performance Evaluation Corporation (SPEC) announced CPU2006, which replaces CPU2000, and the SPEC CPU benchmarks are widely used in both industry and academia.
Proceedings ArticleDOI
Efficient software-based fault isolation
TL;DR: It is demonstrated that for frequently communicating modules, implementing fault isolation in software rather than hardware can substantially improve end-to-end application performance.
Proceedings ArticleDOI
Innovative instructions and software model for isolated execution
Frank Mckeen,Ilya Alexandrovich,Alex Berenzon,Carlos V. Rozas,Hisham Shafi,Vedvyas Shanbhogue,Uday R. Savagaonkar +6 more
TL;DR: This paper analyzes the threats and attacks to applications, then describes the ISA extension for generating a HW based container, and describes the programming model of this container.