QuanShield: Protecting against Side-Channels Attacks using Self-Destructing Enclaves (2312.11796v1)

Published 19 Dec 2023 in cs.CR

Abstract: Trusted Execution Environments (TEEs) allow user processes to create enclaves that protect security-sensitive computation against access from the OS kernel and the hypervisor. Recent work has shown that TEEs are vulnerable to side-channel attacks that allow an adversary to learn secrets shielded in enclaves. The majority of such attacks trigger exceptions or interrupts to trace the control or data flow of enclave execution. We propose QuanShield, a system that protects enclaves from side-channel attacks that interrupt enclave execution. The main idea behind QuanShield is to strengthen resource isolation by creating an interrupt-free environment on a dedicated CPU core for running enclaves in which enclaves terminate when interrupts occur. QuanShield avoids interrupts by exploiting the tickless scheduling mode supported by recent OS kernels. QuanShield then uses the save area (SA) of the enclave, which is used by the hardware to support interrupt handling, as a second stack. Through an LLVM-based compiler pass, QuanShield modifies enclave instructions to store/load memory references, such as function frame base addresses, to/from the SA. When an interrupt occurs, the hardware overwrites the data in the SA with CPU state, thus ensuring that enclave execution fails. Our evaluation shows that QuanShield significantly raises the bar for interrupt-based attacks with practical overhead.
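To make the self-destructing design concrete, the following is an added simulation written for this page, not code from the QuanShield authors. It models the two pieces the abstract describes: the compiler-rewritten prologue/epilogue that spills and reloads a function's frame base through the save area (SA) instead of the ordinary stack, and the hardware asynchronous exit (AEX) that overwrites the SA with CPU state when an interrupt lands. The SA size, the frame addresses and the CPU register values are constructed for illustration; the fault raised when a reloaded frame base no longer points at a valid frame stands in for the crash that ends enclave execution on real hardware.

```python
"""Toy model of QuanShield's SA-as-second-stack scheme (constructed example)."""

SA_WORDS = 4            # constructed: number of 64-bit words in the simulated SA
FRAME_BASE = 0x7000     # constructed: top of the simulated enclave stack region
FRAME_SIZE = 0x100      # constructed: bytes per function frame

# Constructed architectural state that the AEX dumps into the SA
# (order: rip, rsp, rflags, rax); the values themselves are arbitrary.
CPU_STATE = [0x401000, 0x7FFF0000, 0x246, 0x0]


class EnclaveFault(Exception):
    """Stands in for the memory fault that kills the enclave on real hardware."""


class SimEnclave:
    def __init__(self):
        self.sa = [0] * SA_WORDS   # save area reused as a second stack
        self.sa_top = 0            # index of the next free SA word
        self.frames = {}           # valid frame base -> frame contents
        self.depth = 0             # current call depth

    def call(self):
        """Prologue as the LLVM pass would emit it: allocate a frame and
        spill its base address into the SA rather than onto the stack."""
        if self.sa_top >= SA_WORDS:
            raise EnclaveFault("simulated SA second stack exhausted")
        fb = FRAME_BASE - FRAME_SIZE * self.depth
        self.frames[fb] = {"tag": self.depth}
        self.sa[self.sa_top] = fb
        self.sa_top += 1
        self.depth += 1
        return fb

    def ret(self):
        """Epilogue: reload the frame base from the SA and dereference it.
        If an AEX has clobbered the SA, the reloaded value is CPU state,
        not a frame address, and the access faults."""
        self.sa_top -= 1
        fb = self.sa[self.sa_top]
        if fb not in self.frames:
            raise EnclaveFault(f"frame base {fb:#x} reloaded from SA is not a frame")
        self.depth -= 1
        return self.frames.pop(fb)["tag"]


def asynchronous_exit(enclave, cpu_state):
    """Models the hardware AEX: the SA is overwritten with architectural state."""
    for i, word in enumerate(cpu_state[:SA_WORDS]):
        enclave.sa[i] = word


def run(interrupted):
    """Run a three-deep call chain; optionally inject one interrupt at the
    deepest point. Returns ("completed", tags) or ("aborted", tags_so_far)."""
    enclave = SimEnclave()
    for _ in range(3):
        enclave.call()
    if interrupted:
        asynchronous_exit(enclave, CPU_STATE)   # would not happen on a tickless core
    tags = []
    try:
        while enclave.depth:
            tags.append(enclave.ret())
    except EnclaveFault:
        return ("aborted", tags)
    return ("completed", tags)


if __name__ == "__main__":
    print("undisturbed run :", run(interrupted=False))
    print("interrupted run :", run(interrupted=True))
```

The undisturbed run unwinds all three frames and completes; the interrupted run faults on the very first epilogue after the AEX, because the word it reloads from the SA is now the constructed RFLAGS value rather than a frame base. That is the fail-closed property the abstract relies on: the defense does not detect the interrupt, it makes continued execution after one impossible, and the tickless core exists so that benign runs never take that path.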

