Klotski: Efficient Obfuscated Execution against Controlled-Channel Attacks

Session: Security with little performance loss--Fast and furious!

Authors: Pan Zhang (Huazhong University of Science and Technology & University of California, Riverside); Chengyu Song (University of California, Riverside); Heng Yin (University of California, Riverside); Deqing Zou (Huazhong University of Science and Technology); Elaine Shi (Cornell University); Hai Jin (Huazhong University of Science and Technology)

Intel Software Guard eXtensions (SGX) provides a hardware-based trusted execution environment for security-sensitive computations. A program running inside the trusted domain (an enclave) is protected against direct attacks from other software, including privileged software like the operating system (OS), the hypervisor, and low-level firmware. However, recent research has shown that SGX is vulnerable to a set of side-channel attacks, such as the controlled-channel attack, that allow attackers to compromise the confidentiality of an enclave's execution. Unfortunately, existing defenses either provide incomplete protection or impose too much performance overhead. In this work, we propose Klotski, an efficient obfuscated execution technique to defeat controlled-channel attacks with a tunable trade-off between security and performance. At a high level, Klotski emulates a secure memory subsystem. It leverages an enhanced ORAM protocol to load code and data into two software caches of configurable size, which are re-randomized after a configurable interval. More importantly, Klotski employs several optimizations to reduce the performance overhead caused by software-based address translation and software cache replacement. Evaluation results show that Klotski is secure against controlled-channel attacks and that its performance overhead is much lower than that of previous solutions.