Dreissig F, Röckl J, Müller T (2022)
Publication Type: Conference contribution
Publication year: 2022
Publisher: Association for Computing Machinery
Conference Proceedings Title: ACM International Conference Proceeding Series
Event location: Vienna, AUT
ISBN: 9781450396707
To optimally utilize Intel SGX, programs must be partitioned into trusted and untrusted parts. Writing the trusted part of a program with Intel's SDK, however, requires manual effort that often becomes an obstacle for programmers. In this work, we investigate how compiler-level tooling can assist with the semi-automatic separation of code into a trusted and an untrusted partition. We present Cadote, a solution that generates SGX enclaves from programs written in Rust. Application developers are expected to mark functions as trusted, for which enclaves are then generated automatically. All other functions remain untrusted and are executed outside Intel SGX in the normal world. We implemented this concept using compiler optimization passes of the LLVM framework. Targeting Rust as the input language allows us to benefit from high-level concepts, such as memory safety, which enable us to safely copy function parameters between the normal and trusted world in practice.
APA:
Dreissig, F., Röckl, J., & Müller, T. (2022). Compiler-Aided Development of Trusted Enclaves with Rust. In ACM International Conference Proceeding Series. Vienna, AUT: Association for Computing Machinery.
MLA:
Dreissig, Felix, Jonas Röckl, and Tilo Müller. "Compiler-Aided Development of Trusted Enclaves with Rust." Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES 2022, Vienna, AUT. Association for Computing Machinery, 2022.