Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors: Extended Version

TL;DR

This paper introduces a formal security criterion for extending microprocessors with new features, specifically secure interruptible enclaves, and demonstrates its effectiveness through a design, implementation, and evaluation on open-source hardware.

Contribution

It proposes a formal security criterion based on full abstraction for processor extensions and applies it to secure interruptible enclaves, including a practical implementation and evaluation.

Findings

The proposed design satisfies the security criterion.

Implementation on open-source hardware shows acceptable performance overhead.

The approach effectively prevents side-channel attacks related to enclave interruptibility.

Abstract

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that break, or at least significantly weaken the isolation that these mechanisms offer. Extending a processor with new architectural or micro-architectural features, brings a risk of introducing new such side-channel attacks. This paper studies the problem of extending a processor with new features without weakening the security of the isolation mechanisms that the processor offers. We propose to use full abstraction as a formal criterion for the security of a processor extension, and we instantiate that criterion to the concrete case of extending a microprocessor that supports enclaved execution with secure interruptibility of these enclaves. This is a very relevant instantiation as several recent papers have shown that interruptibility of enclaves leads to a variety of software-based side-channel attacks. We propose a design for interruptible enclaves, and prove that it satisfies our security criterion. We also implement the design on an open-source enclave-enabled microprocessor, and evaluate the cost of our design in terms of performance and hardware size.