Aurora: Providing Trusted System Services for Enclaves On an Untrusted System
This work addresses security vulnerabilities of enclave-based applications on untrusted systems, though it is incremental, as it builds on existing SGX technology.
The paper tackles the lack of trusted system services such as clock and network in Intel SGX enclaves, which leaves them vulnerable to Iago attacks. It presents Aurora, an architecture that provides these services via a secure channel, giving SQLite a trusted clock with microsecond accuracy and OpenSSL an end-to-end secure network with about 1ms overhead.
Intel SGX provisions shielded executions for security-sensitive computation, but lacks support for trusted system services (TSS), such as clock, network and filesystem. This makes \textit{enclaves} vulnerable to Iago attacks~\cite{DBLP:conf/asplos/CheckowayS13} in the face of a powerful malicious system. To mitigate this problem, we present Aurora, a novel architecture that provides TSSes via a secure channel between enclaves and devices on top of an untrusted system, and implement two types of TSSes, i.e., clock and end-to-end network. We evaluate our solution by porting SQLite and OpenSSL into Aurora; experimental results show that SQLite benefits from a \textit{microsecond} accuracy trusted clock and OpenSSL gains an end-to-end secure network with about 1ms overhead.