Donky: Domain Keys – Efficient In-Process Isolation for RISC-V and x86

David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, Daniel Gruß

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

Efficient and secure in-process isolation is in great demand, as evidenced in the shift towards JavaScript and the recent revival of memory protection keys. Yet, state-of-the-art systems do not offer strong security or struggle with frequent domain crossings and oftentimes intrusive kernel modifications. We propose Donky, an efficient hardware-software co-design for strong in-process isolation based on dynamic memory protection domains. The two components of our design are a secure software framework and a non-intrusive hardware extension. We facilitate domain switches entirely in userspace, thus minimizing switching overhead as well as kernel complexity. We show the versatility of Donky in three realistic use cases, secure V8 sandboxing, software vaults, and untrusted third-party libraries. We provide an open-source implementation on a RISC-V Ariane CPU and an Intel-MPK-based emulation mode for x86. We evaluate the security and performance of our implementation for RISC-V synthesized on an FPGA. We also evaluate the performance on x86 and show why our new design is more secure than Intel MPK. Donky does not impede the runtime of in-domain computation. Cross-domain switches are 16–116x faster than regular process context switches. Fully protecting the mbedTLS cryptographic operations has a 4 % overhead.
Originalspracheenglisch
TitelProceedings of the 29th USENIX Security Symposium
Herausgeber (Verlag)USENIX Association
Seiten1677-1694
Seitenumfang18
ISBN (elektronisch)9781939133175
PublikationsstatusVeröffentlicht - Aug. 2020
Veranstaltung29th USENIX Security Symposium: USENIX Security 2020 - Virtuell, USA / Vereinigte Staaten
Dauer: 12 Aug. 202014 Aug. 2020
https://www.usenix.org/conference/usenixsecurity20/

Publikationsreihe

NameProceedings of the 29th USENIX Security Symposium

Konferenz

Konferenz29th USENIX Security Symposium
Land/GebietUSA / Vereinigte Staaten
OrtVirtuell
Zeitraum12/08/2014/08/20
Internetadresse

ASJC Scopus subject areas

  • Information systems
  • Sicherheit, Risiko, Zuverlässigkeit und Qualität
  • Computernetzwerke und -kommunikation

Fingerprint

Untersuchen Sie die Forschungsthemen von „Donky: Domain Keys – Efficient In-Process Isolation for RISC-V and x86“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren