KVSEV: A Secure In-Memory Key-Value Store with Secure Encrypted Virtualization
Authors: 
Junseung You, Kyeongryong Lee, Hyungon Moon, Yeongpil Cho, Yunheung PaekAuthors Info & Claims
Pages 233 - 248
Abstract
AMD's Secure Encrypted Virtualization (SEV) is a hardware-based Trusted Execution Environment (TEE) designed to secure tenants' data on the cloud, even against insider threats. The latest version of SEV, SEV-Secure Nested Paging (SEV-SNP), offers protection against most well-known attacks such as cold boot and hypervisor-based attacks. However, it remains susceptible to a specific type of attack known as Active DRAM Corruption (ADC), where attackers manipulate memory content using specially crafted memory devices. The in-memory key-value store (KVS) on SEV is a prime target for ADC attacks due to its critical role in cloud infrastructure and the predictability of its data structures. To counter this threat, we propose KVSEV, an in-memory KVS resilient to ADC attacks. KVSEV leverages SNP's Virtual Machine Management (VMM) and attestation mechanism to protect the integrity of key-value pairs, thereby securing the KVS from ADC attacks. Our evaluation shows that KVSEV secures in-memory KVSs on SEV with a performance overhead comparable to other secure in-memory KVS solutions.
References
[1]
AMD. 2016. AMD Secure Encrypted Virtualization (SEV) - AMD. https://developer.amd.com/sev/. Accessed: 2022-03.
[2]
AMD. 2020. AMD SEV-SNP: Strengthening VM isolation with integrity protection and more. White Paper, January (2020).
[3]
AMDESE. 2016. AMDESE_Linux. https://github.com/AMDESE/linux. [Online; accessed 2022-03].
[4]
Arvind Arasu, Badrish Chandramouli, Johannes Gehrke, Esha Ghosh, Donald Kossmann, Jonathan Protzenko, Ravi Ramamurthy, Tahina Ramananandro, Aseem Rastogi, Srinath Setty, et al. 2021. FastVer: Making Data Integrity a Commodity. In Proceedings of the 2021 International Conference on Management of Data. 89--101.
[5]
Arvind Arasu, Ken Eguro, Raghav Kaushik, Donald Kossmann, Pingfan Meng, Vineet Pandey, and Ravi Ramamurthy. 2017. Concerto: A high concurrency key-value store with integrity. In Proceedings of the 2017 ACM International Conference on Management of Data. 251--266.
[6]
Maurice Bailleu, Dimitra Giantsidi, Vasilis Gavrielatos, Vijay Nagarajan, Pramod Bhatotia, et al. 2021. Avocado: A Secure In-Memory Distributed Storage System. In 2021 USENIX Annual Technical Conference (USENIX ATC 21). 65--79.
[7]
Maurice Bailleu, Jörg Thalheim, Pramod Bhatotia, Christof Fetzer, Michio Honda, and Kapil Vaswani. 2019. SPEICHER: Securing lsm-based key-value stores using shielded execution. In 17th USENIX Conference on File and Storage Technologies (FAST 19). 173--190.
[8]
Rodrigo Branco and Shay Gueron. 2016. Blinded random corruption attacks. In 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). IEEE, 85--90.
[9]
Intel Corporation. 2017. TinyCrypt - TinyCrypt Cryptographic Library. https://github.com/tinycrypt. [Online; accessed 2022-03].
[10]
A Micro Devices. 2006. AMD64 architecture programmer's manual volume 2: System programming.
[11]
Zhao-Hui Du, Zhiwei Ying, Zhenke Ma, Yufei Mai, Phoebe Wang, Jesse Liu, and Jesse Fang. 2017. Secure encrypted virtualization is unsecure. arXiv preprint arXiv:1712.05090 (2017).
[12]
Loïc Duflot, Yves-Alexis Perez, Guillaume Valadon, and Olivier Levillain. 2010. Can you still trust your network card. CanSecWest/core10 (2010), 24--26.
[13]
Reouven Elbaz, David Champagne, Catherine Gebotys, Ruby B Lee, Nachiketh Potlapally, and Lionel Torres. 2009. Hardware mechanisms for memory authentication: A survey of existing techniques and engines. Transactions on Computational Science IV (2009), 1--22.
[14]
Reouven Elbaz, Lionel Torres, Gilles Sassatelli, Pierre Guillemin, Michel Bardouillet, and Albert Martinez. 2006. A parallelized way to provide data encryption and integrity checking on a processor-memory bus. In Proceedings of the 43rd annual Design Automation Conference. 506--509.
[15]
NCC Group. 2018. TPM Genie: Interposer Attacks Against the Trusted Platform Module Serial Bus. https://www.nccgroup.com/globalassets/about-us/us/documents/tpm-genie.pdf. Accessed: 2022-11.
[16]
Shay Gueron. 2016. A memory encryption engine suitable for general purpose processors. IACR Cryptol. ePrint Arch. 2016 (2016), 204.
[17]
J Alex Halderman, Seth D Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A Calandrino, Ariel J Feldman, Jacob Appelbaum, and Edward W Felten. 2009. Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52, 5 (2009), 91--98.
[18]
Felicitas Hetzelt and Robert Buhren. 2017. Security Analysis of Encrypted Virtual Machines. SIGPLAN Not. 52, 7 (apr 2017), 129--142. https://doi.org/10.1145/3140607.3050763
[19]
Felicitas Hetzelt and Robert Buhren. 2017. Security analysis of encrypted virtual machines. ACM SIGPLAN Notices 52, 7 (2017), 129--142.
[20]
IBM. 2019. IBM's TPM 2.0 TSS. https://sourceforge.net/projects/ibmtpm20tss. Accessed: 2023-09.
[21]
Intel. 2016. SGX documentation: sgx_create_monotonic_counter. https://software.intel.com/en-us/node/696638. Accessed: 2023-09.
[22]
Intel. 2019. Intel Hardware Shield - Intel Total Memory Encryption. https://www.intel.com/content/dam/www/central-libraries/us/en/documents/white-paper-intel-tme.pdf. Accessed: 2022-04.
[23]
Intel. 2021. 11th Generation Intel Core Processor Desktop. https://cdrdv2.intel.com/v1/dl/getContent/634648. Accessed: 2022-04.
[24]
Intel. 2022. 12th Generation Intel Core Processors. https://cdrdv2.intel.com/v1/dl/getContent/655258. Accessed: 2022-04.
[25]
David Kaplan. 2017. Protecting vm register state with sev-es. White paper, Feb (2017).
[26]
David Kaplan, Jeremy Powell, and Tom Woller. 2016. AMD memory encryption. White paper (2016).
[27]
Zijo Kenjar, Tommaso Frassetto, David Gens, Michael Franz, and Ahmad-Reza Sadeghi. 2020. V0LTpwn: Attacking x86 Processor Integrity from Software. In 29th USENIX Security Symposium (USENIX Security 20). 1445--1461.
[28]
Igjae Kim, J. Hyun Kim, Minu Chung, HyunGon Moon, and Sam H. Noh. 2022. A Log-Structured Merge Tree-aware Message Authentication Scheme for Persistent Key-Value Stores. In 20th USENIX Conference on File and Storage Technologies (FAST 22). USENIX Association, Santa Clara, CA, 363--380. https://www.usenix.org/conference/fast22/presentation/kim-igjae
[29]
Taehoon Kim, Joongun Park, Jaewook Woo, Seungheun Jeon, and Jaehyuk Huh. 2019. Shieldstore: Shielded in-memory key-value storage with sgx. In Proceedings of the Fourteenth EuroSys Conference 2019. 1--15.
[30]
Andreas Kogler, Daniel Gruss, and Michael Schwarz. 2022. Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks. In USENIX Security Symposium.
[31]
Mengyuan Li, Luca Wilke, Jan Wichelmann, Thomas Eisenbarth, Radu Teodorescu, and Yinqian Zhang. 2022. A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP. In 2022 IEEE Symposium on Security and Privacy (SP). IEEE Computer Society, 1541--1541.
[32]
Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, and Yan Solihin. 2019. Exploiting unprotected i/o operations in amd's secure encrypted virtualization. In 28th USENIX Security Symposium (USENIX Security 19). 1257--1272.
[33]
Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, and Yueqiang Cheng. 2021. CIPHERLEAKS: Breaking Constant-time Cryptography on AMDSEV via the Ciphertext Side Channel. In 30th USENIX Security Symposium (USENIX Security 21). 717--732.
[34]
Ashish Lingayat, Ranjana R Badre, and Anil Kumar Gupta. 2018. Performance evaluation for deploying docker containers on baremetal and virtual machine. In 2018 3rd International Conference on Communication and Electronics Systems (ICCES). IEEE, 1019--1023.
[35]
Ming Mao and Marty Humphrey. 2012. A performance study on the vm startup time in the cloud. In 2012 IEEE Fifth International Conference on Cloud Computing. IEEE, 423--430.
[36]
MemCached. 2014. memcached - a distributed memory object caching system. http://memcached.org. Accessed: 2022-03.
[37]
Mathias Morbitzer, Manuel Huber, and Julian Horsch. 2019. Extracting secrets from encrypted virtual machines. In Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy. 221--230.
[38]
Mathias Morbitzer, Manuel Huber, Julian Horsch, and Sascha Wessel. 2018. Severed: Subverting amd's virtual machine encryption. In Proceedings of the 11th European Workshop on Systems Security. 1--6.
[39]
Mathias Morbitzer, Sergej Proskurin, Martin Radev, Marko Dorfhuber, and Erick Quintanar Salas. 2021. SEVerity: Code Injection Attacks against Encrypted Virtual Machines. arXiv preprint arXiv:2105.13824 (2021).
[40]
Kit Murdock, David Oswald, Flavio D Garcia, Jo Van Bulck, Daniel Gruss, and Frank Piessens. 2020. Plundervolt: Software-based fault injection attacks against Intel SGX. In 2020 IEEE Symposium on Security and Privacy (SP). IEEE, 1466--1482.
[41]
Pengfei Qiu, Dongsheng Wang, Yongqiang Lyu, and Gang Qu. 2019. VoltJockey: Breaching TrustZone by software-controlled voltage manipulation over multi-core frequencies. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 195--209.
[42]
Pengfei Qiu, Dongsheng Wang, Yongqiang Lyu, Ruidong Tian, Chunlu Wang, and Gang Qu. 2020. VoltJockey: A New Dynamic Voltage Scaling-Based Fault Injection Attack on Intel SGX. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 40, 6 (2020), 1130--1143.
[43]
Anja Rabich, Thomas Eisenbarth, and Luca Wilke. 2020. Software-based Undervolting Faults in AMD Zen Processors. (2020).
[44]
Martin Radev and Mathias Morbitzer. 2020. Exploiting Interfaces of Secure Encrypted Virtual Machines. In Reversing and Offensive-oriented Trends Symposium. 1--12.
[45]
Redis. 2015. Redis. https://redis.io. Accessed: 2022-03.
[46]
Albert Reuther, Peter Michaleas, Andrew Prout, and Jeremy Kepner. 2012. HPC-VMs: Virtual machines in high performance computing systems. In 2012 IEEE Conference on High Performance Extreme Computing. IEEE, 1--6.
[47]
Joerg Roedel. 2020. Joerg Roedel. 2020. x86/sev-es: Do not support MMIO to/from encrypted memory. https://git.kernel.org/pub/scm/linux/kernel/git/joro/linux.git/commit/?h=sev-es-tip-updates&id=5282faf01e085d57658a39494ea760c2b7309f3d. Accessed: 2022-01.
[48]
Brian Rogers, Siddhartha Chhabra, Milos Prvulovic, and Yan Solihin. 2007. Using address independent seed encryption and bonsai merkle trees to make secure processors os-and performance-friendly. In 40th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO 2007). IEEE, 183--196.
[49]
FuturePlus System. 2016. DDR2 800 Bus Analysis Probe. http://www.futureplus.com/News-Releases/fs2332_pr_010604.pdf. Accessed: 2022-11.
[50]
Meysam Taassori, Ali Shafiee, and Rajeev Balasubramonian. 2018. VAULT: Reducing paging overheads in SGX with efficient integrity verification structures. In Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems. 665--678.
[51]
T.C.Group. 2019. TPM Library Part 1: Architecture, Family "2.0", Level 00, Revision 01.38. http://www.trustedcomputinggroup.org/resources/tpm_library_specification. Accessed: 2023-09.
[52]
Jo Van Bulck, Frank Piessens, and Raoul Strackx. 2017. SGX-Step: A practical attack framework for precise enclave execution control. In Proceedings of the 2nd Workshop on System Software for Trusted Execution. 1--6.
[53]
Luca Wilke, Jan Wichelmann, Mathias Morbitzer, and Thomas Eisenbarth. 2020. SEVurity: No Security Without Integrity: Breaking Integrity-Free Memory Encryption with Minimal Assumptions. In 2020 IEEE Symposium on Security and Privacy (SP). IEEE, 1483--1496.
[54]
David Wragg. 2016. KVM hello world. https://github.com/dpw/kvm-hello-world. [Online; accessed 2022-03].
[55]
ycsb. 2017. YCSB. https://github.com/brianfrankcooper/YCSB. Accessed: 2022-03.
[56]
Shijun Zhao, Qianying Zhang, Yu Qin, Wei Feng, and Dengguo Feng. 2019. Minimal kernel: an operating system architecture for TEE to resist board level physical attacks. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019). 105--120.
Index Terms
- KVSEV: A Secure In-Memory Key-Value Store with Secure Encrypted Virtualization
Recommendations
CrossLine: Breaking "Security-by-Crash" based Memory Isolation in AMD SEV
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications SecurityAMD's Secure Encrypted Virtualization (SEV) is an emerging security feature of modern AMD processors that allows virtual machines to run with encrypted memory and perform confidential computing even with an untrusted hypervisor. This paper first ...
TLB Poisoning Attacks on AMD Secure Encrypted Virtualization
ACSAC '21: Proceedings of the 37th Annual Computer Security Applications ConferenceAMD’s Secure Encrypted Virtualization (SEV) is an emerging technology of AMD server processors, which provides transparent memory encryption and key management for virtual machines (VM) without trusting the underlying hypervisor. Like Intel Software ...
TEE-KV: Secure Immutable Key-Value Store for Trusted Execution Environments
SoCC '18: Proceedings of the ACM Symposium on Cloud ComputingTrusted Execution Environments (TEEs) ensure strong data confidentiality for applications running in the TEEs even on untrusted servers. In particular, TEEs are expected to bring significant benefits to blockchain workloads for enterprise because it ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
October 2023
624 pages
ISBN:9798400703874
DOI:10.1145/3620678
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 31 October 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
Acceptance Rates
Overall Acceptance Rate 169 of 722 submissions, 23%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 317Total Downloads
- Downloads (Last 12 months)175
- Downloads (Last 6 weeks)15
Reflects downloads up to 31 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in