| dc.contributor.author | Bourgeat, Thomas | |
| dc.contributor.author | Lebedev, Ilia A. | |
| dc.contributor.author | Wright, Andrew D. | |
| dc.contributor.author | Zhang, Sizhuo | |
| dc.contributor.author | Arvind | |
| dc.contributor.author | Devadas, Srinivas | |
| dc.date.accessioned | 2021-03-04T14:32:18Z | |
| dc.date.available | 2021-03-04T14:32:18Z | |
| dc.date.issued | 2019-10 | |
| dc.identifier.isbn | 9781450369381 | |
| dc.identifier.uri | https://hdl.handle.net/1721.1/130076 | |
| dc.description.abstract | Recent attacks have broken process isolation by exploiting microarchitectural side channels that allow indirect access to shared microarchitectural state. Enclaves strengthen the process abstraction to restore isolation guarantees. We propose MI6, an aggressively speculative out-of-order processor capable of providing secure enclaves under a threat model that includes an untrusted OS and an attacker capable of mounting any software attack currently considered practical, including those utilizing control flow mis-speculation. MI6 is inspired by Sanctum [16] and extends its isolation guarantee to more realistic memory hierarchy. It also introduces a purge instruction, which is used only when a secure process is (de)scheduled, and implements it for a complex processor microarchitecture. We model the performance impact of enclaves in MI6 through FPGA emulation on AWS F1 FPGAs by running SPEC CINT2006 benchmarks as enclaves within an untrusted Linux OS. Security comes at the cost of approximately 16.4% average slowdown for protected programs. | en_US |
| dc.description.sponsorship | National Science Foundation (U.S.) (Grant CNS-1413920) | en_US |
| dc.description.sponsorship | United States. Space and Naval Warfare Systems Command (Contract N66001-15-C-4066) | en_US |
| dc.description.sponsorship | United States. Defense Advanced Research Projects Agency (Grant HR001118C0018) | en_US |
| dc.language.iso | en | |
| dc.publisher | Association for Computing Machinery (ACM) | en_US |
| dc.relation.isversionof | 10.1145/3352460.3358310 | en_US |
| dc.rights | Creative Commons Attribution-Noncommercial-Share Alike | en_US |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-sa/4.0/ | en_US |
| dc.source | arXiv | en_US |
| dc.title | MI6: Secure Enclaves in a Speculative Out-of-Order Processor | en_US |
| dc.type | Article | en_US |
| dc.identifier.citation | Bourgeat, Thomas et al. “MI6: Secure Enclaves in a Speculative Out-of-Order Processor.” Paper presented at the Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture, Columbus OH, October 2019, Association for Computing Machinery: 42–56 © 2019 The Author(s) | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory | en_US |
| dc.relation.journal | Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture | en_US |
| dc.eprint.version | Original manuscript | en_US |
| dc.type.uri | http://purl.org/eprint/type/ConferencePaper | en_US |
| eprint.status | http://purl.org/eprint/status/NonPeerReviewed | en_US |
| dc.date.updated | 2020-12-09T19:12:10Z | |
| dspace.orderedauthors | Bourgeat, T; Lebedev, I; Wright, A; Zhang, S; Arvind, ; Devadas, S | en_US |
| dspace.date.submission | 2020-12-09T19:12:14Z | |
| mit.journal.volume | 2019 | en_US |
| mit.license | OPEN_ACCESS_POLICY | |
| mit.metadata.status | Complete | |
