Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors: Extended Version

01/29/2020
by Matteo Busi, et al.

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that break, or at least significantly weaken, the isolation that these mechanisms offer. Extending a processor with new architectural or micro-architectural features brings a risk of introducing new such side-channel attacks. This paper studies the problem of extending a processor with new features without weakening the security of the isolation mechanisms that the processor offers. We propose to use full abstraction as a formal criterion for the security of a processor extension, and we instantiate that criterion to the concrete case of extending a microprocessor that supports enclaved execution with secure interruptibility of these enclaves. This is a very relevant instantiation, as several recent papers have shown that interruptibility of enclaves leads to a variety of software-based side-channel attacks. We propose a design for interruptible enclaves, and prove that it satisfies our security criterion. We also implement the design on an open-source enclave-enabled microprocessor, and evaluate the cost of our design in terms of performance and hardware size.


Related papers

09/11/2020  HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment
            To ensure secure and trustworthy execution of applications, vendors freq...

12/24/2018  MI6: Secure Enclaves in a Speculative Out-of-Order Processor
            Recent attacks have broken process isolation by exploiting microarchitec...

05/18/2019  Methodically Defeating Nintendo Switch Security
            We explain, step by step, how we strategically circumvented the Nintendo...

06/06/2020  Hardware-Software Contracts for Secure Speculation
            Since the discovery of Spectre, a large number of hardware mechanisms fo...

09/09/2021  LEASH: Enhancing Micro-architectural Attack Detection with a Reactive Process Scheduler
            Micro-architectural attacks use information leaked through shared resour...

04/29/2019  IRONHIDE: A Secure Multicore Architecture that Leverages Hardware Isolation Against Microarchitecture State Attacks
            Modern microprocessors enable aggressive hardware virtualization that ex...

12/13/2021  FlexOS: Towards Flexible OS Isolation
            At design time, modern operating systems are locked in a specific safety...