research-article

Public Access

SGXElide: enabling enclave code secrecy via self-modification

Authors:

Zhiqiang LinAuthors Info & Claims

CGO '18: Proceedings of the 2018 International Symposium on Code Generation and Optimization

Pages 75 - 86

https://doi.org/10.1145/3168833

Published: 24 February 2018 Publication History

Abstract

Intel SGX provides a secure enclave in which code and data are hidden from the outside world, including privileged code such as the OS or hypervisor. However, by default, enclave code prior to initialization can be disassembled and therefore no secrets can be embedded in the binary. This is a problem for developers wishing to protect code secrets. This paper introduces SGXElide, a nearly-transparent framework that enables enclave code confidentiality. The key idea is to treat program code as data and dynamically restore secrets after an enclave is initialized. SGXElide can be integrated into any enclave, providing a mechanism to securely decrypt or deliver the secret code with the assistance of a developer-controlled trusted remote party. We have implemented SGXElide atop a recently released version of the Linux SGX SDK, and our evaluation with a number of programs shows that SGXElide can be used to protect the code secrecy of practical applications with no overhead after enclave initialization.

References

[1]

https://github.com/kokke/tiny-AES128-C.

[2]

https://github.com/tarequeh/DES.

[3]

https://tools.ietf.org/html/rfc3174.

[4]

https://tools.ietf.org/html/rfc6234.

[5]

https://github.com/poupou9779/z2048.

[6]

http://mordred.dir.bg/biniax/download2.html.

[7]

https://exploit.ph/reverse-engineering/2014/05/11/an-easy-linux-crackme/.

[8]

https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/624878.

[9]

Intel software guard extensions sdk for linux os. https://download.01.org/intel-sgx/linux-1.6/docs/Intel_SGX_SDK_Developer_Reference_Linux_1.6_Open_Source.pdf.

[10]

Upx: the ultimate packer for executables. http://upx.sourceforge.net/.

[11]

Intel software guard extensions programming reference. https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf, Oct. 2014.

[12]

Intel sgx for linux. https://github.com/01org/linux-sgx, June 2016.

[13]

I. Anati, S. Gueron, S. Johnson, and V. Scarlata. Innovative technology for cpu based attestation and sealing. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, page 10, 2013.

[14]

S. Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, J. Lind, D. Muthukumaran, D. O'Keeffe, M. Stillwell, et al. Scone: Secure linux containers with intel sgx. In OSDI, pages 689-703, 2016.

Digital Library

[15]

E. Bauman and Z. Lin. A case for protecting computer games with sgx. In Proceedings of the 1st Workshop on System Software for Trusted Execution (SysTEX'16), Trento, Italy, December 2016.

Digital Library

[16]

A. Baumann, M. Peinado, and G. Hunt. Shielding applications from an untrusted cloud with haven. In USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2014.

Digital Library

[17]

A. Baumann, M. Peinado, and G. Hunt. Shielding applications from an untrusted cloud with haven. ACM Transactions on Computer Systems (TOCS), 33(3):8, 2015.

Digital Library

[18]

S. Chandra, V. Karande, Z. Lin, L. Khan, M. Kantarcioglu, and B. Thuraisingham. Securing data analytics on sgx with randomization. In Proceedings of the 22nd European Symposium on Research in Computer Security, Oslo, Norway, September 2017.

[19]

C. S. Collberg and C. Thomborson. Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Transactions on software engineering, 28(8):735-746, 2002.

Digital Library

[20]

Y. Fu, E. Bauman, R. Quinonez, and Z. Lin. Sgx-lapd: Thwarting controlled side channel attacks via enclave verifiable page faults. In Proceedings of the 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'17), Atlanta, Georgia. USA, September 2017.

[21]

D. Gruss, J. Lettner, F. Schuster, O. Ohrimenko, I. Haller, and M. Costa. Strong and efficient cache side-channel protection using hardware transactional memory. In 26th USENIX Security Symposium (USENIX Security 17), pages 217-233, Vancouver, BC, 2017. USENIX Association.

Digital Library

[22]

M. Hoekstra, R. Lal, P. Pappachan, V. Phegade, and J. Del Cuvillo. Using innovative instructions to create trustworthy software solutions. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy (HASP), pages 1s8, Tel-Aviv, Israel, 2013.

Digital Library

[23]

G. Hoglund and G. McGraw. Exploiting online games: cheating massively distributed systems. Addison-Wesley Professional, 2007.

Digital Library

[24]

D. Kuvaiskii, O. Oleksenko, S. Arnautov, B. Trach, P. Bhatotia, P. Felber, and C. Fetzer. Sgxbounds: Memory safety for shielded execution. In Proceedings of the Twelfth European Conference on Computer Systems, pages 205-221. ACM, 2017.

Digital Library

[25]

T. László and Á. Kiss. Obfuscating c++ programs via control flow flattening. Annales Universitatis Scientarum Budapestinensis de Rolando Eötvös Nominatae, Sectio Computatorica, 30:3-19, 2009.

[26]

J. Lind, C. Priebe, D. Muthukumaran, D. Keeffe, P.-L. Aublin, F. Kelbert, T. Reiher, D. Goltzsche, D. Eyers, R. Kapitza, et al. Glamdring: Automatic application partitioning for intel sgx. In 2017 USENIX Annual Technical Conference (USENIX ATC 17), Santa Clara, CA, 2017.

Digital Library

[27]

C. Linn and S. Debray. Obfuscation of executable code to improve resistance to static disassembly. In Proceedings of the 10th ACM conference on Computer and communications security, pages 290-299. ACM, 2003.

Digital Library

[28]

A. Majumdar, C. Thomborson, and S. Drape. A survey of control-flow obfuscations. In International Conference on Information Systems Security, pages 353-356. Springer, 2006.

Digital Library

[29]

F. McKeen, I. Alexandrovich, A. Berenzon, C. V. Rozas, H. Shafi, V. Shanbhogue, and U. R. Savagaonkar. Innovative instructions and software model for isolated execution. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy (HASP), pages 1-8, Tel-Aviv, Israel, 2013.

Digital Library

[30]

T. Mudge, C.-C. Lee, and S. Sechrest. Correlation and aliasing in dynamic branch predictors. In Computer Architecture, 1996 23rd Annual International Symposium on, pages 22-22. IEEE, 1996.

Digital Library

[31]

I. V. Popov, S. K. Debray, and G. R. Andrews. Binary obfuscation using signals. In Usenix Security, 2007.

Digital Library

[32]

W. Rosenblatt, S. Mooney, and W. Trippe. Digital rights management: business and technology. John Wiley & Sons, Inc., 2001.

Digital Library

[33]

F. Schuster, M. Costa, C. Fournet, C. Gkantsidis, M. Peinado, G. Mainar-Ruiz, and M. Russinovich. VC3: Trustworthy Data Analytics in the Cloud using SGX. 2015.

Digital Library

[34]

J. Seo, B. Lee, S. Kim, M.-W. Shih, I. Shin, D. Han, and T. Kim. Sgx-shield: Enabling address space layout randomization for sgx programs. In Proceedings of the 2017 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, 2017.

[35]

J. Seo, B. Lee, S. Kim, M.-W. Shih, I. Shin, D. Han, and T. Kim. Sgx-shield: Enabling address space layout randomization for sgx programs. In Proceedings of the 2017 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, 2017.

[36]

F. Shaon, M. Kantarcioglu, Z. Lin, and L. Khan. A practical encrypted data analytic framework with trusted processors. In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS'17), Dallas, TX, November 2017.

Digital Library

[37]

M.-W. Shih, S. Lee, T. Kim, and M. Peinado. T-sgx: Eradicating controlled-channel attacks against enclave programs. In Proceedings of the 2017 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, 2017.

[38]

C.-C. Tsai, D. E. Porter, and M. Vij. Graphene-sgx: A practical library os for unmodified applications on sgx. In 2017 USENIX Annual Technical Conference (USENIX ATC), 2017.

Digital Library

[39]

Y. Xu, W. Cui, and M. Peinado. Controlled-channel attacks: Deterministic side channels for untrusted operating systems. In Security and Privacy (SP), 2015 IEEE Symposium on, pages 640-656. IEEE, 2015.

Digital Library

Cited By

Yu JJaeger TFletcher CSolihin YHeinrich M(2023)All Your PC Are Belong to Us: Exploiting Non-control-Transfer Instruction BTB Updates for Dynamic PC ExtractionProceedings of the 50th Annual International Symposium on Computer Architecture10.1145/3579371.3589100(1-14)Online publication date: 17-Jun-2023
https://dl.acm.org/doi/10.1145/3579371.3589100
Zhan DYu XZhang HYe L(2023)ErrHunter: Detecting Error-Handling Bugs in the Linux Kernel Through Systematic Static AnalysisIEEE Transactions on Software Engineering10.1109/TSE.2022.316015549:2(684-698)Online publication date: 1-Feb-2023
https://doi.org/10.1109/TSE.2022.3160155
Zhang XWang JCheng YLi QSun KZheng YZhang NLi X(2023)Interface-Based Side Channel in TEE-Assisted Networked ServicesIEEE/ACM Transactions on Networking10.1109/TNET.2023.329401932:1(613-626)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1109/TNET.2023.3294019
Show More Cited By

Recommendations

A taxonomy of self-modifying code for obfuscation

Self-modifying code is frequently used as an additional layer of complexity when obfuscating code. Although it does not provide a provable level of obfuscation, it is generally assumed to make attacks more expensive. This paper attempts to quantify the ...
Self-Modifying Code: A Provable Technique for Enhancing Program Obfuscation

This article describes how code obfuscation techniques aim to conceal the functionality of a program by mystifying the code so that it is unreadable or in an incomprehensible format. Since the objective of this article is to make a program obfuscated, ...
Code Obfuscation: Why is This Still a Thing?
CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy
Early developments in code obfuscation were chiefly motivated by the needs of Digital Rights Management (DRM). Other suggested applications included intellectual property protection of software and code diversification to combat the monoculture problem ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CGO '18: Proceedings of the 2018 International Symposium on Code Generation and Optimization

February 2018

377 pages

ISBN:9781450356176

DOI:10.1145/3179541

General Chairs:
Jens Knoop
Vienna University of Technology, Austria
,
Markus Schordan
Lawrence Livermore National Laboratory, USA
,
Program Chairs:
Teresa Johnson
Google, USA
,
Michael O'Boyle
University of Edinburgh, UK

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages
SIGMICRO: ACM Special Interest Group on Microarchitectural Research and Processing
IEEE-CS: Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication Notes

Badge change: Article originally badged under Version 1.0 guidelines https://www.acm.org/publications/policies/artifact-review-badging

Publication History

Published: 24 February 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Author Tags

Qualifiers

Research-article

Funding Sources

NSF

Conference

CGO '18

Sponsor:

CGO '18: 16th Annual IEEE/ACM International Symposium on Code Generation and Optimization

February 24 - 28, 2018

Vienna, Austria

Acceptance Rates

Overall Acceptance Rate 312 of 1,061 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
764
Total Downloads

Downloads (Last 12 months)119
Downloads (Last 6 weeks)26

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Yu JJaeger TFletcher CSolihin YHeinrich M(2023)All Your PC Are Belong to Us: Exploiting Non-control-Transfer Instruction BTB Updates for Dynamic PC ExtractionProceedings of the 50th Annual International Symposium on Computer Architecture10.1145/3579371.3589100(1-14)Online publication date: 17-Jun-2023
https://dl.acm.org/doi/10.1145/3579371.3589100
Zhan DYu XZhang HYe L(2023)ErrHunter: Detecting Error-Handling Bugs in the Linux Kernel Through Systematic Static AnalysisIEEE Transactions on Software Engineering10.1109/TSE.2022.316015549:2(684-698)Online publication date: 1-Feb-2023
https://doi.org/10.1109/TSE.2022.3160155
Zhang XWang JCheng YLi QSun KZheng YZhang NLi X(2023)Interface-Based Side Channel in TEE-Assisted Networked ServicesIEEE/ACM Transactions on Networking10.1109/TNET.2023.329401932:1(613-626)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1109/TNET.2023.3294019
Khan AZou MKim KXu DBianchi ATian D(2023)Fuzzing SGX Enclaves via Host Program Mutations2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP57164.2023.00035(472-488)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSP57164.2023.00035
Yu JGe XJaeger TFletcher CCui W(2022)Pagoda: Towards Binary Code Privacy Protection with SGX-based Execute-Only Memory2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED55351.2022.00019(133-144)Online publication date: Sep-2022
https://doi.org/10.1109/SEED55351.2022.00019
Hwang WLee CKim B(2021)SGX -Capsule: A Confidential Execution Engine for Unmodified Libraries on SGX Enclave2021 IEEE International Conference on Cloud Engineering (IC2E)10.1109/IC2E52221.2021.00045(276-277)Online publication date: Oct-2021
https://doi.org/10.1109/IC2E52221.2021.00045
Liu WWang WChen HWang XLu YChen KWang XShen QChen YTang H(2021)Practical and Efficient in-Enclave Verification of Privacy Compliance2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN48987.2021.00052(413-425)Online publication date: Jun-2021
https://doi.org/10.1109/DSN48987.2021.00052
Brandão AResende JMartins R(2020)Employment of Secure Enclaves in Cheat Detection HardeningTrust, Privacy and Security in Digital Business10.1007/978-3-030-58986-8_4(48-62)Online publication date: 14-Sep-2020
https://dl.acm.org/doi/10.1007/978-3-030-58986-8_4
Alder FAsokan NKurnikov APaverd ASteiner MSion RPapamanthou C(2019)S-FaaSProceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop10.1145/3338466.3358916(185-199)Online publication date: 11-Nov-2019
https://dl.acm.org/doi/10.1145/3338466.3358916
Wang HBauman EKarande VLin ZCheng YZhang YGalbraith SRussello GSusilo WGollmann DKirda ELiang Z(2019)Running Language Interpreters Inside SGXProceedings of the 2019 ACM Asia Conference on Computer and Communications Security10.1145/3321705.3329848(114-121)Online publication date: 2-Jul-2019
https://dl.acm.org/doi/10.1145/3321705.3329848
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents