Binary code retrofiting and hardening using SGX

Shuai Wang, Wenhao Wang, Qinkun Bao, Pei Wang, Xiao Feng Wang, Dinghao Wu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

Trusted Execution Environment (TEE) is designed to deliver a safe execution environment for software systems. Intel Software Guard Extensions (SGX) provides isolated memory regions (i.e., SGX enclaves) to protect code and data from adversaries in the untrusted world. While existing research has proposed techniques to execute entire executable fles inside enclave instances by providing rich sets of OS facilities, one notable limitation of these techniques is the unavoidably large size of Trusted Computing Base (TCB), which can potentially break the principle of least privilege. In this work, we describe techniques that provide practical and efcient protection of security sensitive code components in legacy binary code. Our technique dissects input binaries into multiple components which are further built into SGX enclave instances. We also leverage deliberately-designed binary editing techniques to retroft the input binary code and preserve the original program semantics. Our tentative evaluations on hardening AES encryption and decryption procedures demonstrate the practicability and efciency of the proposed technique.

Original languageEnglish (US)
Title of host publicationFEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017
PublisherAssociation for Computing Machinery, Inc
Pages43-49
Number of pages7
ISBN (Electronic)9781450353953
DOIs
StatePublished - Nov 3 2017
Event2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017 - Dallas, United States
Duration: Nov 3 2017 → …

Publication series

NameFEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017

Other

Other2nd Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2017
CountryUnited States
CityDallas
Period11/3/17 → …

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Binary code retrofiting and hardening using SGX'. Together they form a unique fingerprint.

  • Cite this

    Wang, S., Wang, W., Bao, Q., Wang, P., Wang, X. F., & Wu, D. (2017). Binary code retrofiting and hardening using SGX. In FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017 (pp. 43-49). (FEAST 2017 - Proceedings of the 2017 Workshop on Forming an Ecosystem Around Software Transformation, co-located with CCS 2017). Association for Computing Machinery, Inc. https://doi.org/10.1145/3141235.3141244