QuanShield: Protecting against Side-Channels Attacks using Self-Destructing Enclaves
CoRR(2023)
摘要
Trusted Execution Environments (TEEs) allow user processes to create enclaves
that protect security-sensitive computation against access from the OS kernel
and the hypervisor. Recent work has shown that TEEs are vulnerable to
side-channel attacks that allow an adversary to learn secrets shielded in
enclaves. The majority of such attacks trigger exceptions or interrupts to
trace the control or data flow of enclave execution.
We propose QuanShield, a system that protects enclaves from side-channel
attacks that interrupt enclave execution. The main idea behind QuanShield is to
strengthen resource isolation by creating an interrupt-free environment on a
dedicated CPU core for running enclaves in which enclaves terminate when
interrupts occur. QuanShield avoids interrupts by exploiting the tickless
scheduling mode supported by recent OS kernels. QuanShield then uses the save
area (SA) of the enclave, which is used by the hardware to support interrupt
handling, as a second stack. Through an LLVM-based compiler pass, QuanShield
modifies enclave instructions to store/load memory references, such as function
frame base addresses, to/from the SA. When an interrupt occurs, the hardware
overwrites the data in the SA with CPU state, thus ensuring that enclave
execution fails. Our evaluation shows that QuanShield significantly raises the
bar for interrupt-based attacks with practical overhead.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要