IRONHIDE: A Secure Multicore that Efficiently Mitigates Microarchitecture State Attacks for Interactive Applications
Hamza Omar, Omer Khan

TL;DR
IRONHIDE introduces spatial isolation in multicore processors, enabling secure and insecure processes to interact efficiently without microarchitecture state purging overheads, thus enhancing performance and security against microarchitecture attacks.
Contribution
It proposes a novel multicore architecture with spatially isolated clusters, reducing microarchitecture state attack surface and performance overheads compared to existing solutions like MI6.
Findings
IRONHIDE achieves 2.1x performance improvement over MI6.
It provides 20% better performance than SGX-like baselines.
Strong isolation is maintained against microarchitecture state attacks.
Abstract
Microprocessors enable aggressive hardware virtualization by means of which multiple processes temporally execute on the system. These security-critical and ordinary processes interact with each other to assure application progress. However, temporal sharing of hardware resources exposes the processor to various microarchitecture state attacks. State-of-the-art secure processors, such as MI6 adopt Intel's SGX enclave execution model. MI6 architects strong isolation by statically isolating shared memory state, and purging the microarchitecture state of private core, cache, and TLB resources on every enclave entry and exit. The purging overhead significantly impacts performance as the interactivity across the secure and insecure processes increases. This paper proposes IRONHIDE that implements strong isolation in the context of multicores to form spatially isolated secure and insecure…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
