OpenSGX: An Open Platform for SGX Research

Hardware technologies for trusted computing, or trusted execution environments (TEEs), have rapidly matured over the last decade. In fact, TEEs are at the brink of widespread commoditization with the recent introduction of Intel Software Guard Extensions (Intel SGX). Despite such rapid development of TEE, software technologies for TEE significantly lag behind their hardware counterpart, and currently only a select group of researchers have the privilege of accessing this technology. To address this problem, we develop an open source platform, called OpenSGX, that emulates Intel SGX hardware components at the instruction level and provides new system software components necessarily required for full TEE exploration. We expect that the OpenSGX framework can serve as an open platform for SGX research, with the following contributions. First, we develop a fully functional, instruction-compatible emulator of Intel SGX for enabling the exploration of software/hardware design space, and development of enclave programs. OpenSGX provides a platform for SGX development, meaning that it provides not just emulation but also operating system components, an enclave program loader/packager, an OpenSGX user library, debugging, and performance monitoring. Second, to show OpenSGX’s use cases, we applied OpenSGX to protect sensitive information (e.g., directory) of Tor nodes and evaluated their potential performance impacts. Therefore, we believe OpenSGX has great potential for broader communities to spark new research on soon-to-becommodity Intel SGX.

[1]  Ittai Anati,et al.  Innovative Technology for CPU Based Attestation and Sealing , 2013 .

[2]  Ahmad-Reza Sadeghi,et al.  TyTAN: Tiny trust anchor for tiny devices , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[3]  Juan del Cuvillo,et al.  Using innovative instructions to create trustworthy software solutions , 2013, HASP '13.

[4]  Jacob R. Lorch,et al.  TrInc: Small Trusted Hardware for Large Distributed Systems , 2009, NSDI.

[5]  Peter Williams,et al.  CPU Support for Secure Executables , 2011, TRUST.

[6]  Galen C. Hunt,et al.  Shielding Applications from an Untrusted Cloud with Haven , 2014, OSDI.

[7]  Jiang Wang,et al.  SecureSwitch: BIOS-Assisted Isolation and Switch between Trusted and Untrusted Commodity OSes , 2012, NDSS.

[8]  Adrian Perrig,et al.  TrustVisor: Efficient TCB Reduction and Attestation , 2010, 2010 IEEE Symposium on Security and Privacy.

[9]  Michael Norrish,et al.  seL4: formal verification of an OS kernel , 2009, SOSP '09.

[10]  Michael Stumm,et al.  FlexSC: Flexible System Call Scheduling with Exception-Less System Calls , 2010, OSDI.

[11]  Jonathan M. McCune,et al.  OASIS: on achieving a sanctuary for integrity and secrecy on untrusted platforms , 2013, CCS.

[12]  Xiaoxin Chen,et al.  Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems , 2008, ASPLOS.

[13]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[14]  James Newsome,et al.  Trustworthy Execution on Mobile Devices: What Security Properties Can My Mobile Platform Give Me? , 2012, TRUST.

[15]  Dongsu Han,et al.  A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications , 2015, HotNets.

[16]  Jiangtao Li,et al.  Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities , 2007, IEEE Transactions on Dependable and Secure Computing.

[17]  Christos Gkantsidis,et al.  VC3: Trustworthy Data Analytics in the Cloud Using SGX , 2015, 2015 IEEE Symposium on Security and Privacy.

[18]  Sanjit A. Seshia,et al.  Moat: Verifying Confidentiality of Enclave Programs , 2015, CCS.

[19]  Carlos V. Rozas,et al.  Innovative instructions and software model for isolated execution , 2013, HASP '13.

[20]  James Newsome,et al.  MiniBox: A Two-Way Sandbox for x86 Native Code , 2014, USENIX ATC.

[21]  Udo Steinberg,et al.  NOVA: a microhypervisor-based secure virtualization architecture , 2010, EuroSys '10.

[22]  Hovav Shacham,et al.  Iago attacks: why the system call API is a bad untrusted RPC interface , 2013, ASPLOS '13.

[23]  Adrian Perrig,et al.  VIPER: verifying the integrity of PERipherals' firmware , 2011, CCS '11.

[24]  Micah Sherr,et al.  Users get routed: traffic correlation on tor by realistic adversaries , 2013, CCS.

[25]  Prateek Mittal,et al.  RAPTOR: Routing Attacks on Privacy in Tor , 2015, USENIX Security Symposium.

[26]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[27]  Peng Ning,et al.  SICE: a hardware-level strongly isolated computing environment for x86 multi-core platforms , 2011, CCS '11.

[28]  Walid Dabbous,et al.  One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users , 2011, LEET.

[29]  Fengwei Zhang IOCheck: A framework to enhance the security of I/O devices at runtime , 2013, 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W).

[30]  Benjamin Morin,et al.  What If You Can't Trust Your Network Card? , 2011, RAID.

[31]  Eric C. Price,et al.  Browser-Based Attacks on Tor , 2007, Privacy Enhancing Technologies.

[32]  Stefan Lindskog,et al.  Spoiled Onions: Exposing Malicious Tor Exit Relays , 2014, Privacy Enhancing Technologies.

[33]  Michael K. Reiter,et al.  Flicker: an execution infrastructure for tcb minimization , 2008, Eurosys '08.