Montsalvat: Intel SGX shielding for GraalVM native images

The popularity of the Java programming language has led to its wide adoption in cloud computing infrastructures. However, Java applications running in untrusted clouds are vulnerable to various forms of privileged attacks. The emergence of trusted execution environments (TEEs) such as Intel SGX mitigates this problem. TEEs protect code and data in secure enclaves inaccessible to untrusted software, including the kernel and hypervisors. To use TEEs efficiently, developers must manually partition their applications into trusted and untrusted parts, in order to reduce the size of the trusted computing base (TCB) and minimise the risks of security vulnerabilities. However, partitioning applications poses two important challenges: (i) ensuring efficient object communication between the partitioned components, and (ii) ensuring the consistency of garbage collection between the parts, especially with memory-managed languages such as Java. We present Montsalvat, a tool which provides a practical and intuitive annotation-based partitioning approach for Java applications destined for secure enclaves. Montsalvat provides an RMI-like mechanism to ensure inter-object communication, as well as consistent garbage collection across the partitioned components. We implement Montsalvat with GraalVM native-image, a tool for compiling Java applications ahead-of-time into standalone native executables that do not require a JVM at runtime. Our extensive evaluation with micro- and macro-benchmarks shows that our partitioning approach boosts performance in real-world applications by up to 6.6x (PalDB) and 2.2x (GraphChi) compared to solutions that naively include the entire applications in the enclave.
