Enclave deployments often fail to simultaneously be secure (e.g., resistant to side channel attacks), powerful (i.e., as fast as an off-the-shelf server), and flexible (i.e., unconstrained by development hurdles). In this paper, we present nitriding, an open tool kit that enables the development of enclave applications that satisfy all three properties. We build nitriding on top of the recently-proposed AWS Nitro Enclaves whose architecture prevents side channel attacks by design, making nitriding more secure than comparable frameworks. We abstract away the constrained development model of Nitro Enclaves, making it possible to run unmodified applications inside an enclave that have seamless and secure Internet connectivity, all while making our code user-verifiable. To demonstrate nitriding's flexibility, we design three enclave applications, each a research contribution in its own right: (i) we run a Tor bridge inside an enclave, making it resistant to protocol-level deanonymization attacks; (ii) we built a service for securely revealing infrastructure configuration, empowering users to verify privacy promises like the discarding of IP addresses at the edge; (iii) and we move a Chromium browser into an enclave, thereby isolating its attack surface from the user's system. We find that nitriding enables rapid prototyping and alleviates the deployment of production-quality systems, paving the way toward usable and secure enclaves.
翻译:暂无翻译