Protecting Enclaves from Intra-Core Side-Channel Attacks through Physical Isolation

Van Der Maas, M; Moore, SW

Protecting Enclaves from Intra-Core Side-Channel Attacks through Physical Isolation

Published version

Peer-reviewed

Repository URI

https://www.repository.cam.ac.uk/handle/1810/337408

Repository DOI

https://doi.org/10.17863/CAM.84820

Files

Published version (1.14 MB)

Type

Conference Object

Authors

Van Der Maas, M

Moore, SW

Abstract

Systems that protect enclaves from privileged software must consider software-based side-channel attacks. Our system isolates enclaves on separate secure cores to stop attackers from running on the same core as the victim, which mitigates intra-core side-channel attacks. Redesigning the memory hierarchy based on enclave ownership protects enclaves against inter-core side-channel attacks. We implement this system and evaluate it in terms of communication performance, memory overhead and hardware area. Combining physical isolation and a redesigned memory hierarchy protects enclaves against all known software-based side-channel attacks.

Keywords

46 Information and Computing Sciences, 4604 Cybersecurity and Privacy, Clinical Research

Journal Title

CYSARM 2020 - Proceedings of the 2nd Workshop on Cyber-Security Arms Race

Conference Name

CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security

Publisher

ACM

Publisher DOI

https://doi.org/10.1145/3411505.3418437

Rights

Attribution 4.0 International

Sponsorship

Engineering and Physical Sciences Research Council (EP/N509620/1)
EPSRC (via Queen's University Of Belfast) (R1098ECI)
EPSRC (1940704)

Collections

Cambridge University Research Outputs