Aegis: A single-chip secure processor

Suh, G.; O'Donnell, Barry; Devadas, Srinivas

doi:10.1109/mdt.2007.4343587

Cited by 18 publications

(18 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Our current design for an oblivious execution framework is SGX-specific. However, we believe its design characteristics and optimization techniques are general, which can be applied to other trusted platforms such as AEGIS [51], Ascend [52], XOM [53], Bastion [54], Sanctum [55]. For example, our register-based stash ( §V-B1) can be considered as a generic optimization for ORAM, if the underlying trust architecture shares any of memory-related subsystem such as cache, TLB, MMU, and DRAM.…”

Section: Discussionmentioning

confidence: 99%

OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX

Ahmad¹,

Joe²,

Xiao³

et al. 2019

Proceedings 2019 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Program obfuscation is a popular cryptographic construct with a wide range of uses such as IP theft prevention. Although cryptographic solutions for program obfuscation impose impractically high overheads, a recent breakthrough leveraging trusted hardware has shown promise. However, the existing solution is based on special-purpose trusted hardware, restricting its use-cases to a limited few. In this paper, we first study if such obfuscation is feasible based on commodity trusted hardware, Intel SGX, and we observe that certain important security considerations are not afforded by commodity hardware. In particular, we found that existing obfuscation/obliviousness schemes are insecure if directly applied to Intel SGX primarily due to side-channel limitations. To this end, we present OBFUSCURO, the first system providing program obfuscation using commodity trusted hardware, Intel SGX. The key idea is to leverage ORAM operations to perform secure code execution and data access. Initially, OBFUSCURO transforms the regular program layout into a side-channelsecure and ORAM-compatible layout. Then, OBFUSCURO ensures that its ORAM controller performs data oblivious accesses in order to protect itself from all memory-based side-channels. Furthermore, OBFUSCURO ensures that the program is secure from timing attacks by ensuring that the program always runs for a pre-configured time interval. Along the way, OBFUSCURO also introduces a systematic optimization such as register-based ORAM stash. We provide a thorough security analysis of OBFUSCURO along with empirical attack evaluations showing that OBFUSCURO can protect the SGX program execution from being leaked by access pattern-based and timing-based channels. We also provide a detailed performance benchmark results in order to show the practical aspects of OBFUSCURO.

show abstract

Section: Discussionmentioning

confidence: 99%

OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX

Ahmad¹,

Joe²,

Xiao³

et al. 2019

Proceedings 2019 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…The state-of-the-art secure processor, AEGIS [2], was designed to only reveal the data inside the processor. Therefore any data leaving the processor is encrypted.…”

Section: A Plaintext Processingmentioning

confidence: 99%

“…However, in reality the only entity that can be truly trusted is the user themselves. A physical approach to privacy preserving data processing is with Field-Programmable Gate Arrays (FPGAs) and custom hardware, which bestow greater security and privacy over their software alternatives [2] [3]. We propose Secure FPGA as a Service (SFaaS) to leverage these security properties of FPGAs to harden the cloud against both insider and outsider threats.…”

Section: Introductionmentioning

confidence: 99%

Secure FPGA as a Service — Towards Secure Data Processing by Physicalizing the Cloud

Will

2017

2017 IEEE Trustcom/BigDataSE/Icess

View full text Add to dashboard Cite

Securely processing data in the cloud is still a difficult problem, even with homomorphic encryption and other privacy preserving schemes. Hardware solutions provide additional layers of security and greater performance over their software alternatives. However by definition the cloud should be flexible and adaptive, often viewed as abstracting services from products. By creating services reliant on custom hardware, the core essence of the cloud is lost. FPGAs bridge this gap between software and hardware with programmable logic, allowing the cloud to remain abstract. FPGA as a Service (FaaS) has been proposed for a greener cloud, but not for secure data processing. This paper explores the possibility of Secure FaaS in the cloud for privacy preserving data processing, describes the technologies required, identifies use cases, and highlights potential challenges.

show abstract

“…Architectural support for physical RAM privacy. There have been many designs for encrypting physical memory to counter physical attacks (e.g., [34,35,36,21,37,18,38,39,40,41]). Representation examples are: 1) protecting data privacy by performing decryption in parallel to memory access [21]; 2) protecting data privacy and integrity in distributed shared memory multi-processors systems [39] by adapting the Galois/Counter Mode of operation with the counter-mode encryption [38], or by using the address independent counter-mode encryption and Merkle tree built on top of the counters [42]; 3) preventing secret leakage against intrusive memory attack by integrating secret sharing and coding based schemes [40]; 4) a hybrid hardware-software approach to full system security named SecureME [41].…”

Section: Related Workmentioning

confidence: 99%

Multi-processor architectural support for protecting virtual machine privacy in untrusted cloud environment

Wen

Lee

Liu

et al. 2013

Proceedings of the ACM International Conference on Computing Frontiers

View full text Add to dashboard Cite

Virtualization is fundamental to cloud computing because it allows multiple operating systems to run simultaneously on a physical machine. However, it also brings a range of security/privacy problems. One particularly challenging and important problem is: how can we protect the Virtual Machines (VMs) from being attacked by Virtual Machine Monitors (VMMs) and/or by the cloud vendors when they are not trusted? In this paper, we propose an architectural solution to the above problem in multi-processor cloud environments. Our key idea is to exploit hardware mechanisms to enforce access control over the shared resources (e.g., memory spaces), while protecting VM memory integrity as well as inter-processor communications and data sharing. We evaluate the solution using full-system emulation and cycle-based architecture models. Experiments based on 20 benchmark applications show that the performance overhead is 1.5%-10% when access control is enforced, and 9%-19% when VM memory is encrypted.

show abstract

Aegis: A single-chip secure processor

Cited by 18 publications

References 5 publications

OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX

OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX

Secure FPGA as a Service — Towards Secure Data Processing by Physicalizing the Cloud

Multi-processor architectural support for protecting virtual machine privacy in untrusted cloud environment

Contact Info

Product

Resources

About