system for intel sgx
play

System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq - PowerPoint PPT Presentation

Nov 27, 2023 •46 likes •1.06k views

Obliviate: A Data Oblivious File System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1 Clouds? The Ultimate Dream? User Clouds 2 Clouds? The Ultimate Dream? User Clouds 2 Clouds? The Ultimate

  1. Obliviate: memory charm against the OS ☺ Application Enclave Filesystem Enclave Obliviate T rusted Proxy ORAM Trees C A B D 2. Encrypted Disk Channel 12

  2. Obliviate: memory charm against the OS ☺ 3. Data Oblivious Application Enclave Filesystem Enclave Metadata Handling Obliviate T rusted Proxy ORAM Trees C A B D Disk 12

  3. Obliviate: memory charm against the OS ☺ Application Enclave Filesystem Enclave Obliviate 4. Asynchronous ORAM Operation T rusted Proxy ORAM Trees C A B D Disk 12

  4. Obliviate: memory charm against the OS ☺ Application Enclave Filesystem Enclave Obliviate T rusted Proxy ORAM Trees C A B D 5. Extended Disk Secure Region 12

  5. Decoupling file system support Application Enclaves Obliviate Disk 13

  6. Decoupling file system support Application Enclaves Obliviate Pass all FS syscalls using encrypted channel Disk 13

  7. Decoupling file system support Application Enclaves Obliviate Allow Obliviate to worry about securing file access Pass all FS syscalls using encrypted channel Disk 13

  8. Decoupling file system support Application Enclaves Obliviate Allow Obliviate to worry about securing file access Separation of functions facilitates development! Pass all FS syscalls using encrypted channel Disk 13

  9. Legacy application support Application 14

  10. Legacy application support Application Intercept FS syscalls and encrypt T rusted Proxy 14

  11. Legacy application support Application Intercept FS syscalls and encrypt T rusted Proxy Oblivate Exit-less message queue (SCONE [OSDI16], ELEOS [EuroSys17]) Disk 14

  12. Legacy application support Application Intercept FS syscalls and encrypt No changes from the app developer! T rusted Proxy Oblivate Exit-less message queue (SCONE [OSDI16], ELEOS [EuroSys17]) Disk 14

  13. Securing ORAM Obliviate Application Disk 15

  14. Securing ORAM Obliviate Need to store ORAM client Application metadata in enclave Position Map Stash Disk 15

  15. Securing ORAM Obliviate ORAM client Application Position Map Obliviate’s enclave is Stash not side-channel free Disk 15

  16. Securing ORAM Obliviate ORAM client Application Position Map Position Map Stash Disk 15

  17. Securing ORAM Obliviate ORAM client Application Position Map Position Map Load from index Stash Disk 15

  18. Securing ORAM Last-Level Cache Obliviate cache-set 0 cache-set 1 ORAM client Application cache-set 2 cache-set 3 Position Map Position Map Stash Page T able Access Frame # 0 0x1000 0 0x1001 0 0x1002 1 0 0x1003 0x1003 Disk 15

  19. Securing ORAM Last-Level Cache Obliviate Use Conditional Move cache-set 0 cache-set 1 (CMOV) ORAM client Application cache-set 2 cache-set 3 Position Map Position Map Stash Page T able Access Frame # 0 0x1000 0 0x1001 0 0x1002 1 0 0x1003 0x1003 Disk 15

  20. Securing ORAM Last-Level Cache Obliviate Use Conditional Move cache-set 0 cache-set 0 cache-set 1 cache-set 1 (CMOV) ORAM client Application cache-set 2 cache-set 2 cache-set 3 Position Map Position Map Stash Page T able Access Frame # 1 0 0x1000 0x1000 0 1 0x1001 0x1001 0 1 0x1002 0x1002 0 1 0x1003 0x1003 Disk 15

  21. Securing ORAM Last-Level Cache Obliviate Use Conditional Move cache-set 0 cache-set 0 cache-set 1 cache-set 1 (CMOV) ORAM client Application cache-set 2 cache-set 2 cache-set 3 Position Map Position Map Stash Page T able Access Frame # 0 1 0x1000 0x1000 0 1 0x1001 0x1001 1 0 0x1002 0x1002 1 0 0x1003 0x1003 The attacker cannot distinguish CMOV from MOV Disk 15

  22. Securing ORAM Last-Level Cache Obliviate Use Conditional Move cache-set 0 cache-set 0 cache-set 1 cache-set 1 (CMOV) ORAM client Application cache-set 2 cache-set 2 Side-channel resistant ORAM implementation! cache-set 3 Position Map Position Map Stash Page T able Access Frame # 0 1 0x1000 0x1000 1 0 0x1001 0x1001 1 0 0x1002 0x1002 0 1 0x1003 0x1003 The attacker cannot distinguish CMOV from MOV Disk 15

  23. Extending Enclave Memory Obliviate Disk 16

  24. Extending Enclave Memory Large enclaves degrade Obliviate performance Program EPC Physical Memory Disk 16

  25. Extending Enclave Memory Large enclaves degrade Obliviate performance ORAM Client Program Position Map Metadata ( small ) inside enclave EPC Stash Physical Memory ORAM Trees ( large ) outside enclave Encrypted ORAM Trees C A B D Disk 16

  26. Extending Enclave Memory Large enclaves degrade Obliviate performance ORAM Client Program Position Map Metadata ( small ) inside enclave EPC Encrypted ORAM trees outside enclave! Stash Physical Memory ORAM Trees ( large ) outside enclave Encrypted ORAM Trees C A B D Disk 16

  27. Leveraging asynchronicity Obliviate Application Communication Thread Operation Thread Encrypted ORAM Trees C A B D Disk 17

  28. Leveraging asynchronicity Obliviate Application Communication Thread (a) read(1, 0x18289, 4096) Operation Thread Encrypted ORAM Trees C A B D Disk 17

  29. Leveraging asynchronicity Obliviate Application Communication Thread (a) read(1, 0x18289, 4096) Operation Thread (b) Read(A) Encrypted ORAM Trees C A B D Disk 17

  30. Leveraging asynchronicity Obliviate Application Communication Thread (a) read(1, 0x18289, 4096) Operation Thread (c) Reply to the request (c) Write-back(A) (b) Read(A) Encrypted ORAM Trees C A B D Disk 17

  31. Leveraging asynchronicity Obliviate Application Communication Thread (a) read(1, 0x18289, 4096) Perform Asynchronous ORAM write-back! Operation Thread (c) Reply to the request (c) Write-back(A) (b) Read(A) Encrypted ORAM Trees C A B D Disk 17

  32. Implementation 1. Obliviate runs using Intel SGX SDK Library 2. Graphene-SGX integration to run “heavyweight” applications, e.g., SQLite and Lighttpd 18

  33. Performance Evaluation Evaluated filesystems: 1. Native Filesystem (Non-SGX) 2. In-memory Filesystem (SGX, based on Graphene-SGX) 3. Obliviate (SGX, based on Intel SGX SDK) 19

  34. Iozone Benchmarks 10000000 10000000 1000000 1000000 100000 100000 10000 10000 1000 1000 100 100 10 10 1 1 2M 128M 512M 1G 2M 128M 512M 1G Native FS In-memory FS Obliviate Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

  35. Iozone Benchmarks 2-3x overhead over the in-memory FS 10000000 10000000 1000000 1000000 100000 100000 10000 10000 1000 1000 100 100 10 10 1 1 2M 128M 512M 1G 2M 128M 512M 1G Native FS In-memory FS Obliviate Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

  36. Iozone Benchmarks In-memory FS exerts a 2-3x overhead over lot of pressure on EPC the in-memory FS 10000000 10000000 1000000 1000000 100000 100000 10000 10000 1000 1000 100 100 10 10 1 1 2M 128M 512M 1G 2M 128M 512M 1G Native FS In-memory FS Obliviate Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

  37. Comparable performance Iozone Benchmarks for smaller file sizes In-memory FS exerts a 2-3x overhead over lot of pressure on EPC the in-memory FS 10000000 10000000 1000000 1000000 100000 100000 10000 10000 1000 1000 100 100 10 10 1 1 2M 128M 512M 1G 2M 128M 512M 1G Native FS In-memory FS Obliviate Native FS In-memory FS Obliviate a) Sequential Reads (Bytes/sec) b) Sequential Writes (Bytes/sec) 20

  38. Macro-Benchmarks 2500 10000 2000 1500 1000 1000 500 0 100 INSERT SELECT 1K 16K 128K 1M In-memory FS Obliviate In-memory FS Obliviate a) SQLite Response Times (milli-sec) b) Lighttpd Throughput (Req/s) 21

  39. Macro-Benchmarks ~2x overhead over in-memory FS 2500 10000 2000 1500 1000 1000 500 0 100 INSERT SELECT 1K 16K 128K 1M In-memory FS Obliviate In-memory FS Obliviate a) SQLite Response Times (milli-sec) b) Lighttpd Throughput (Req/s) 21

  40. Conclusion 22

  41. Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 22

  42. Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 2. File system operations can leak sensitive information about program execution. 22

  43. Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 2. File system operations can leak sensitive information about program execution. 3. Obliviate provides theoretically-strong defense against side- channels. 22

  44. Conclusion 1. All existing SGX filesystems are vulnerable to side-channels 2. File system operations can leak sensitive information about program execution. 3. Obliviate provides theoretically-strong defense against side- channels. Opensource: https://github.com/adilahmad17/Obliviate Contact: ahmad37@purdue.edu 22

  45. Thanks! Merci! Shukriya! 23

  46. Extra Slides 24

  47. Securing file system 25

  48. Securing file system c a b d 25

  49. Securing file system Single ORAM Tree protects file offset c a b d 25

  50. Securing file system Single ORAM Tree protects file offset c a b d c c Hierarchical a b d a b d ORAM Trees can protect files c c c c a b d a b d a a b d b d 25

Recommend

Challenging the Intel Xeon: ARM and OpenPower Now you really have to optimize Mighty Intel

Challenging the Intel Xeon: ARM and OpenPower Now you really have to optimize Mighty Intel

Challenging the Intel Xeon: ARM and OpenPower Now you really have to optimize Mighty Intel Intel had a 99.2 percent market share in server chips (IDC, 2015 Quoted on InfoWorld) We started experimenting with SoCs two

838 views • 47 slides
5G Cloud Native from RAN to Core Christian Maciocco, Intel Shilpa Talwar, Intel Saikrishna

5G Cloud Native from RAN to Core Christian Maciocco, Intel Shilpa Talwar, Intel Saikrishna

5G Cloud Native from RAN to Core Christian Maciocco, Intel Shilpa Talwar, Intel Saikrishna Edupuganti, Intel Muhammad (Asim) Jamshed, Intel 2020 Agenda Cloud Native Disaggregated Network Infrastructure Transition to 5G Near

639 views • 38 slides
Isolating Operating System Components with Intel SGX Lars Richter, Johannes Gtzfried, Tilo

Isolating Operating System Components with Intel SGX Lars Richter, Johannes Gtzfried, Tilo

SysTEX16 Trento, Italy Isolating Operating System Components with Intel SGX Lars Richter, Johannes Gtzfried, Tilo Mller Department of Computer Science FAU Erlangen-Nuremberg, Germany December 12, 2016 Motivation or Why are we here?

393 views • 17 slides
Validation Labs with OpenStack Shuquan Huang, Intel IT Engineering Computing Weibo: @

Validation Labs with OpenStack Shuquan Huang, Intel IT Engineering Computing Weibo: @

Intel IT OpenStack Practice Validation Labs with OpenStack Shuquan Huang, Intel IT Engineering Computing Weibo: @ Intel Information Technology Intel Confidential Do Not Forward Agenda About Me Intel IT with OpenStack

405 views • 39 slides
Due to Code Placement in IA Zia Ansari zia.ansari@intel.com Intel Corporation 11/03/16 Agenda

Due to Code Placement in IA Zia Ansari zia.ansari@intel.com Intel Corporation 11/03/16 Agenda

Causes of Performance Swings Due to Code Placement in IA Zia Ansari zia.ansari@intel.com Intel Corporation 11/03/16 Agenda The purpose of this presentation Intel Architecture FE 101 Lets look at some example So can we do

289 views • 24 slides
Seeding Random Number Generators Jesse Walker Intel Corpora:on

Seeding Random Number Generators Jesse Walker Intel Corpora:on

Seeding Random Number Generators Jesse Walker Intel Corpora:on Intel Labs Circuits and System Research Security Research Lab 1 Agenda The problem

513 views • 13 slides
intel.com/cloudforall Legal Disclaimer OpenStack is a registered trademark of the OpenStack

intel.com/cloudforall Legal Disclaimer OpenStack is a registered trademark of the OpenStack

intel.com/cloudforall Legal Disclaimer OpenStack is a registered trademark of the OpenStack Foundation in the United States, other countries or both. Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other

325 views • 29 slides
SC19 briefing notes J. Simone Intel Ponte Vecchio GPU and OneAPI SW Promotional keynote at Intel

SC19 briefing notes J. Simone Intel Ponte Vecchio GPU and OneAPI SW Promotional keynote at Intel

SC19 briefing notes J. Simone Intel Ponte Vecchio GPU and OneAPI SW Promotional keynote at Intel sponsored HPC Developer Conference by Raja Koduri: senior VP, chief architect, and GM of Architecture, Graphics, and Software at Intel Corporation.

191 views • 6 slides
Intel 8086 Intel 8086 was launched in 1978. It was the first 16-bit microprocessor.

Intel 8086 Intel 8086 was launched in 1978. It was the first 16-bit microprocessor.

10/13/2010 Intel 8086 Intel 8086 was launched in 1978. It was the first 16-bit microprocessor. This microprocessor had major improvement over the execution speed of 8085. Gursharan Singh Tatla professorgstatla@gmail.com It is

268 views • 6 slides
UNECE ac activi vities on s on Intel elligent t tran ansport s system ems Content

UNECE ac activi vities on s on Intel elligent t tran ansport s system ems Content

UNECE ac activi vities on s on Intel elligent t tran ansport s system ems Content Short presentation of the institution WP.29s work so far on automated and connected vehicles New structure of WP.29 Content Short

559 views • 18 slides
Quantitative Evaluation of Intel PEBS Overhead for Online System-Noise Analysis June 27, 2017,

Quantitative Evaluation of Intel PEBS Overhead for Online System-Noise Analysis June 27, 2017,

Quantitative Evaluation of Intel PEBS Overhead for Online System-Noise Analysis June 27, 2017, ROSS @ Washington, DC Soramichi Akiyama, Takahiro Hirofuchi National Institute of Advanced Industrial Science and Technology (AIST), Japan {s.akiyama,

713 views • 18 slides
SVM on Intel Graphics Jesse Barnes Intel Open Source Technology Center 1 What is SVM?

SVM on Intel Graphics Jesse Barnes Intel Open Source Technology Center 1 What is SVM?

SVM on Intel Graphics Jesse Barnes Intel Open Source Technology Center 1 What is SVM? Discussion of current practices SVM OS and driver modifications Device options and implications 2 SVM defined Pointer sharing between CPU

389 views • 18 slides
Optimizing Codes For Intel Xeon Phi Brian Friesen NERSC 2017 July 26 Cori What is different

Optimizing Codes For Intel Xeon Phi Brian Friesen NERSC 2017 July 26 Cori What is different

Optimizing Codes For Intel Xeon Phi Brian Friesen NERSC 2017 July 26 Cori What is different about Cori? Cori is transitioning the NERSC workload to more energy efficient architectures Cray XC40 system with 9688 Intel Xeon Phi

744 views • 39 slides
Intels Corporate Water Strategy Varinder Malik Intel Corporation 1 1 Intel Manufacturing

Intels Corporate Water Strategy Varinder Malik Intel Corporation 1 1 Intel Manufacturing

Intels Corporate Water Strategy Varinder Malik Intel Corporation 1 1 Intel Manufacturing Sites Ireland Oregon Dalian Arizona Israel Massachusetts New Mexico Chengdu Vietnam Costa Rica Penang & Kulim Wafer Fab Assembly/Test

382 views • 8 slides
Partial functional correspondence Michael Bronstein University of Lugano Intel Corporation

Partial functional correspondence Michael Bronstein University of Lugano Intel Corporation

Partial functional correspondence Michael Bronstein University of Lugano Intel Corporation Lyon, 7 July 2016 1/59 Microsoft Kinect 2010 (Acquired by Intel in 2012) 4/59 Different form factor computers featuring Intel RealSense 3D camera

1.1k views • 107 slides
Competing in todays fabless eco -system Keynote @Semi/Gartner Market Symposium, July 7, 2014,

Competing in todays fabless eco -system Keynote @Semi/Gartner Market Symposium, July 7, 2014,

Intel Custom Foundry Competing in todays fabless eco -system Keynote @Semi/Gartner Market Symposium, July 7, 2014, San Francisco Sunit Rikhi Vice President, Technology & Manufacturing Group General Manager, Intel Custom Foundry AGENDA

611 views • 42 slides
PC Refresh in the Consumerized IT Environment David Buchholz, Director of Consumerization, Intel

PC Refresh in the Consumerized IT Environment David Buchholz, Director of Consumerization, Intel

PC Refresh in the Consumerized IT Environment David Buchholz, Director of Consumerization, Intel IT John Mahvi, Business Client Product Line Manager, Intel IT Moderator: Chris Peters, Global Business Marketing Strategist, Intel W hy Refresh

265 views • 11 slides
Intel Case Intel Case Processor Serial Number (PSN) Processor Serial Number (PSN) 5/9/99 Group

Intel Case Intel Case Processor Serial Number (PSN) Processor Serial Number (PSN) 5/9/99 Group

Intel Case Intel Case Processor Serial Number (PSN) Processor Serial Number (PSN) 5/9/99 Group J - Intel Case Issue Issue Intel recently issued a new CPU (Pentium III) with a unique ID number that could be used for intellectual property

818 views • 18 slides
CMS TMS Integration How Using Available Standards Could Help Loc Dufresne de Virel

CMS TMS Integration How Using Available Standards Could Help Loc Dufresne de Virel

CMS TMS Integration How Using Available Standards Could Help Loc Dufresne de Virel Localization Strategist Intel Corporation Intel Information Technology Intel Information Technology 2 Intel Information Technology Intel

293 views • 7 slides
The Design of Malware on Modern Hardware Malware inside Intel SGX enclaves Jeroen van Prooijen

The Design of Malware on Modern Hardware Malware inside Intel SGX enclaves Jeroen van Prooijen

The Design of Malware on Modern Hardware Malware inside Intel SGX enclaves Jeroen van Prooijen University of Amsterdam 29th June 2016 Introduction 2/18 What is Intel SGX? Intel Software Guard Extension (SGX) A vault (enclave) to

353 views • 19 slides
Formal Methods at Intel An Overview John Harrison Intel Corporation Second NASA Formal

Formal Methods at Intel An Overview John Harrison Intel Corporation Second NASA Formal

Formal Methods at Intel An Overview John Harrison Intel Corporation Second NASA Formal Methods Symposium NASA HQ, Washington DC 14th April 2010 (09:0010:00) 0 Table of contents Intels diverse verification problems Verifying

834 views • 45 slides
Formal Methods at Intel An Overview John Harrison Intel Corporation 11th Annual Oregon

Formal Methods at Intel An Overview John Harrison Intel Corporation 11th Annual Oregon

Formal Methods at Intel An Overview John Harrison Intel Corporation 11th Annual Oregon Programming Languages Summer School University of Oregon, Eugene 26th July 2012 (19:0020:00) 0 Table of contents Intels diverse verification

575 views • 45 slides
State of the Intel Kernel Graphics Driver Daniel Vetter, Intel OTC LinuxTag Berlin 2014

State of the Intel Kernel Graphics Driver Daniel Vetter, Intel OTC LinuxTag Berlin 2014

State of the Intel Kernel Graphics Driver Daniel Vetter, Intel OTC LinuxTag Berlin 2014 overview review of the past year: features, driver internals, testing & documentation highlights of upcoming platforms: broadwell, baytrail

801 views • 20 slides
a key TTM enabler KS Ramesh Intel Corporation Designing with leading edge process tech at Intel

a key TTM enabler KS Ramesh Intel Corporation Designing with leading edge process tech at Intel

Std cell library: a key TTM enabler KS Ramesh Intel Corporation Designing with leading edge process tech at Intel Have unbridled access to the latest process technology Can tailor your design to process and vice versa, since you

225 views • 9 slides

More recommend