SERVAS! Secure Enclaves via RISC-V Authenticryption Shield
This addresses the problem of complex and inefficient isolation mechanisms for system architects and security analysts, offering a novel approach with specific performance improvements.
The paper tackles the challenge of software isolation by introducing an authenticryption shield that unifies traditional and advanced isolation policies, resulting in SERVAS, a RISC-V enclave architecture that reduces enclave entry/exit overhead to 3.5x of a simple syscall compared to 71x for Intel SGX.
Isolation is a long-standing challenge of software security. Traditional privilege rings and virtual memory are more and more augmented with concepts such as capabilities, protection keys, and powerful enclaves. At the same time, we are evidencing an increased need for physical protection, shifting towards full memory encryption schemes. This results in a complex interplay of various security mechanisms, increasing the burden for system architects and security analysts. In this work, we tackle the isolation challenge with a new isolation primitive called authenticryption shield that unifies both traditional and advanced isolation policies while offering the potential for future extensibility. At the core, we build upon an authenticated memory encryption scheme that gives cryptographic isolation guarantees and, thus, streamlines the security reasoning. We showcase the versatility of our approach by designing and prototyping SERVAS -- an innovative enclave architecture for RISC-V. Unlike current enclave systems, SERVAS facilitates efficient and secure enclave memory sharing. While the memory encryption constitutes the main overhead, entering or exiting a SERVAS enclave requires only 3.5x of a simple syscall, instead of 71x for Intel SGX.