Enclave Host Interface for Security

Abstract: Secure enclave technology has during the last decade emerged as an important hardware security primitive in server computer cores, and increasingly also in chips intended for consumer devices like mobile phones and PCs. The Linux Confidential Compute Consortium has taken a leading role in defining the host APIs for enclave access (e.g. OpenEnclave APIs). Earlier solutions for security isolation in mobile phones relied on so called Trusted Execution Environments, which are similar in hardware isolation, but serve primarily OEM device security use-cases, and the environments are access controlled by remote trust roots (code signatures). This thesis examines the security requirements for enclaves, visible through APIs and SDKs. An augmented IDE / SDK interface that accounts for security, including legacy considerations present with TEEs is also proposed. This thesis also attempts to improve developer experience related to development of trusted application by providing a tight integration with IDE and an expressive way to select methods which can be carved out of an existing rust application into a seperate trusted application. Furthermore, this thesis also discusses some common pitfalls while developing code for trusted applications and attempts to mitigate several of the discussed risks. The work plan includes a background study on existing TEE and enclave SDKs, a novel SDK augmentation that accounts for the features listed above, and a prototype implementation that highlights the enclave security needs beyond mere isolated execution. An IDE plugin is also implemented, that exemplifies how software engineers (with potentially limited security knowledge) can implement a trusted application service with enclave support such that the end result (enclave code) will run without information leakage or interface security problems.