TME-Box: Scalable In-Process Isolation through Intel TME-MK Memory Encryption

Martin Unterguggenberger*, Lukas Lamster, David Schrammel, Martin Schwarzl, Stefan Mangard

*Corresponding author for this work

Publication: Contribution to book/report/conference proceedings › Contribution to conference proceedings › Peer-reviewed

Abstract

Efficient cloud computing relies on in-process isolation to optimize performance by running workloads within a single process. Without heavy-weight process isolation, memory safety errors pose a significant security threat by allowing an adversary to extract or corrupt the private data of other co-located tenants. Existing in-process isolation mechanisms are not suitable for modern cloud requirements, e.g., MPK’s 16 protection domains are insufficient to isolate thousands of cloud workers per process. Consequently, cloud service providers have a strong need for lightweight in-process isolation on commodity x86 machines.

This paper presents TME-Box, a novel isolation technique that enables fine-grained and scalable sandboxing on commodity x86 CPUs. By repurposing Intel TME-MK, which is intended for the encryption of virtual machines, TME-Box offers lightweight and efficient in-process isolation. TME-Box enforces that sandboxes use their designated encryption keys for memory interactions through compiler instrumentation. This cryptographic isolation enables fine-grained access control, from single cache lines to full pages, and supports flexible data relocation. In addition, the design of TME-Box allows the efficient isolation of up to 32K concurrent sandboxes. We present a performance-optimized TME-Box prototype, utilizing x86 segment-based addressing, that showcases geomean performance overheads of 5.2 % for data isolation and 9.7 % for code and data isolation, evaluated with the SPEC CPU2017 benchmark suite.
Original language: English
Title: Network and Distributed System Security (NDSS) Symposium 2025
Publication status: Accepted/In press - 2025
Event: Network and Distributed System Security Symposium 2025: NDSS 2025 - San Diego, USA / United States
Duration: 23 Feb. 2025 to 28 Feb. 2025
https://www.ndss-symposium.org/ndss2025/

Conference

Conference: Network and Distributed System Security Symposium 2025
Short title: NDSS 2025
Country/Territory: USA / United States
City: San Diego
Period: 23/02/25 to 28/02/25