Eactors: Fast and flexible trusted computing using SGX

Sartakov VA, Brenner S, Ben Mokhtar S, Bouchenak S, Thomas G, Kapitza R (2018)


Publication Type: Conference contribution

Publication year: 2018

Publisher: Association for Computing Machinery, Inc

Pages Range: 187-200

Conference Proceedings Title: Proceedings of the 19th International Middleware Conference, Middleware 2018

Event location: Rennes, Brittany, FRA

ISBN: 9781450357029

DOI: 10.1145/3274808.3274823

Abstract

Novel trusted execution support, as offered by Intel’s Software Guard eXtensions (SGX), embeds seamlessly into user space applications by establishing regions of encrypted memory, called enclaves. Enclaves comprise code and data that is executed under special protection of the CPU and can only be accessed via an enclave defined interface. To facilitate the usability of this new system abstraction, Intel offers a software development kit (SGX SDK). While the SDK eases the use of SGX, it misses appropriate programming support for inter-enclave interaction, and demands to hardcode the exact use of trusted execution into applications, which restricts flexibility. This paper proposes EActors, an actor framework that is tailored to SGX and offers a more seamless, flexible and efficient use of trusted execution – especially for applications demanding multiple enclaves. EActors disentangles the interaction with enclaves and, among them, from costly execution mode transitions. It features lightweight fine-grained parallelism based on the concept of actors, thereby avoiding costly SGX SDK provided synchronisation constructs. Finally, EActors offers a high degree of freedom to execute actors, either untrusted or trusted, depending on security requirements and performance demands. We implemented two use cases on top of EActors: (i) a secure instant messaging service, and (ii) a secure multi-party computation service. Both illustrate the ability of EActors to seamlessly and effectively build secure applications. Furthermore, our performance evaluation results show that securing the messaging service with EActors improves performance compared to the vanilla versions of JabberD2 and ejabberd by up to 40×.

How to cite

APA:

Sartakov, V.A., Brenner, S., Ben Mokhtar, S., Bouchenak, S., Thomas, G., & Kapitza, R. (2018). Eactors: Fast and flexible trusted computing using SGX. In Proceedings of the 19th International Middleware Conference, Middleware 2018 (pp. 187-200). Rennes, Brittany, FRA: Association for Computing Machinery, Inc.

MLA:

Sartakov, Vasily A., et al. "Eactors: Fast and flexible trusted computing using SGX." Proceedings of the 19th ACM/IFIP/USENIX International Middleware Conference, Middleware 2018, Rennes, Brittany, FRA, Association for Computing Machinery, Inc, 2018. 187-200.
