SERVAS! Secure Enclaves via RISC-V Authenticryption Shield

Stefan Steinegger*, David Schrammel, Samuel Weiser, Pascal Nasahl, Stefan Mangard

*Korrespondierende/r Autor/-in für diese Arbeit

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

Isolation is a long-standing security challenge. Privilege rings and virtual memory are increasingly augmented with capabilities, protection keys, and powerful enclaves. Moreover, we are facing an increased need for physical protection, e.g., via transparent memory encryption, resulting in a complex interplay of various security mechanisms. In this work, we tackle the isolation challenge with a new extensible isolation primitive called authenticryption shield that unifies various isolation policies. By using authenticated memory encryption, we streamline the security reasoning towards cryptographic guarantees. We showcase the versatility of our approach by designing and prototyping SERVAS – a novel enclave architecture for RISC-V. SERVAS facilitates a new efficient and secure enclave memory sharing mechanism. While the memory encryption constitutes the main overhead, invoking SERVAS enclave requires only 3.5x of a simple syscall instead of 71x for Intel SGX.
Originalspracheenglisch
TitelComputer Security – ESORICS 2021
Untertitel26th European Symposium on Research in Computer Security, Darmstadt, Germany, October 4–8, 2021, Proceedings, Part II
Redakteure/-innenElisa Bertino, Haya Shulman, Michael Waidner
ErscheinungsortCham
Herausgeber (Verlag)Springer
Seiten370-391
Seitenumfang22
ISBN (Print)978-3-030-88427-7
DOIs
PublikationsstatusVeröffentlicht - 2 Okt. 2021
Veranstaltung26th European Symposium on Research in Computer Security: ESORICS 2021 - Darmstadt
Dauer: 4 Okt. 20218 Okt. 2021

Publikationsreihe

NameLecture Notes in Computer Science
Band12973

Konferenz

Konferenz26th European Symposium on Research in Computer Security
KurztitelESORICS 2021
OrtDarmstadt
Zeitraum4/10/218/10/21

ASJC Scopus subject areas

  • Theoretische Informatik
  • Allgemeine Computerwissenschaft

Fingerprint

Untersuchen Sie die Forschungsthemen von „SERVAS! Secure Enclaves via RISC-V Authenticryption Shield“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren