SGX-LKL: Securing the Host OS Interface for Trusted Execution
Christian Priebe, Divya Muthukumaran, Joshua Lind, Huanzhou Zhu, Shujie Cui, Vasily A. Sartakov, Peter Pietzuch

TL;DR
SGX-LKL is a system that securely runs Linux binaries inside Intel SGX enclaves by minimizing and protecting the host OS interface, enabling secure data processing in untrusted cloud environments with acceptable performance overhead.
Contribution
It introduces a minimal, protected, and oblivious host interface for SGX enclaves, including a complete library OS and encrypted, shuffled disk I/O for secure cloud computing.
Findings
Protects TensorFlow training with 21% overhead
Uses only 7 host calls for minimal interface
Encrypts and shuffles disk blocks for oblivious I/O
Abstract
Hardware support for trusted execution in modern CPUs enables tenants to shield their data processing workloads in otherwise untrusted cloud environments. Runtime systems for the trusted execution must rely on an interface to the untrusted host OS to use external resources such as storage, network, and other functions. Attackers may exploit this interface to leak data or corrupt the computation. We describe SGX-LKL, a system for running Linux binaries inside of Intel SGX enclaves that only exposes a minimal, protected and oblivious host interface: the interface is (i) minimal because SGX-LKL uses a complete library OS inside the enclave, including file system and network stacks, which requires a host interface with only 7 calls; (ii) protected because SGX-LKL transparently encrypts and integrity-protects all data passed via low-level I/O operations; and (iii) oblivious because SGX-LKL…
Taxonomy
Topics: Security and Verification in Computing · Cloud Data Security Solutions · Advanced Data Storage Technologies
