We also have a work-in-progress poster and demo at CCS 2021: "An Open-Source Framework for developing Heterogeneous Distributed Enclave Applications." With Gianluca Scopelliti, @sepideh89310185, Job Noorman, @FritzAlder, and Frank Piessens @DistriNet. (1/5)
Our CCS 2021 paper "Aion: : Enabling Open Systems through Strong Availability Guarantees for Enclaves" is online. With @FritzAlder, @jovanbulck, Frank Piessens, @DistriNet. Aion extends a light-weight TEE towards a
configurable security architecture that provides a notion of 1/6
guaranteed real-time execution for dynamically loaded enclaves. On top of basic TEE security guarantees, this requires bounded atomicity, which we implement on top of #Sancus with an exception engine and atomicity monitor in hardware, which interact with 2/6
Conspiracy! For several days already, every evening! The woodlice on our balcony meet in conspirative groups, stick their heads together and plot who knows what. Will they eat my cucumbers or will they bring down the fossil fuel industry and growth-based economics altogether?
On Friday, @HansWinderix@DistriNet will present our work on "Compiler-Assisted Hardening of Embedded Software Against Interrupt Latency Side-Channel Attacks" at @IEEEEUROSP.
Key insight: To protect code on embedded TEEs against side-channel leakage, balancing secret- /1
dependent branches can yield more efficient code than following the constant-time paradigm. We have implemented and evaluated this with an automated hardening pass in the #LLVM backend for #Sancus. The technique should also be applicable for, e.g., light-weight #ARM TEEs. /2