SGXoMeter: Open and Modular Benchmarking for Intel SGX
Authors: Mohammad Mahhouk, Nico Weichbrodt, R. Kapitza
Published in: Proceedings of the 14th European Workshop on Systems Security, 2021-04-26
DOI: 10.1145/3447852.3458722 (https://doi.org/10.1145/3447852.3458722)
Intel's Software Guard Extensions (SGX) are currently the most wide-spread commodity trusted execution environment, which provides integrity and confidentiality of sensitive code and data. Thereby, it offers protection even against privileged attackers and various forms of physical attacks. As a technology that only became available in late 2015, it has received massive interest and undergone a rapid evolution. Despite first ad-hoc attempts, there is so far no standardised approach to benchmark the SGX hardware, its associated environment, and techniques that were designed to harden SGX-based applications. In this paper, we present SGXoMeter, an open and modular framework designed to benchmark different SGX-aware CPUs, µcode revisions, SDK versions and extensions to mitigate side-channel attacks. SGXoMeter provides a set of practical SGX test case scenarios and eases the development of custom benchmarks. Furthermore, we compare it to sgx-nbench, the only other SGX application benchmark tool we are aware of, and evaluate their differences. Through our benchmark results, we identified a performance overhead of up to ~10 times induced between two different SGX-SDK versions for certain workload scenarios.