Migrating SGX Enclaves with Persistent State

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review


Research units


Hardware-supported security mechanisms like Intel Software Guard Extensions (SGX) provide strong security guarantees, which are particularly relevant in cloud settings. However, their reliance on physical hardware conflicts with cloud practices, like migration of VMs between physical platforms. For instance, the SGX trusted execution environment (enclave) is bound to a single physical CPU. Although prior work has proposed an effective mechanism to migrate an enclave's data memory, it overlooks the migration of persistent state, including sealed data and monotonic counters; the former risks data loss whilst the latter undermines the SGX security guarantees. We show how this can be exploited to mount attacks, and then propose an improved enclave migration approach guaranteeing the consistency of persistent state. Our software-only approach enables migratable sealed data and monotonic counters, maintains all SGX security guarantees, minimizes developer effort, and incurs negligible performance overhead.


Original languageEnglish
Title of host publication48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Publication statusPublished - 23 Jul 2018
MoE publication typeA4 Article in a conference publication
EventAnnual IEEE/IFIP International Conference on Dependable Systems and Networks - Luxembourg, Luxembourg
Duration: 25 Jun 201828 Jun 2018
Conference number: 48


ConferenceAnnual IEEE/IFIP International Conference on Dependable Systems and Networks
Abbreviated titleDSN

ID: 27036009