intel / linux-sgx

Intel SGX for Linux*
https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/linux-overview.html
Other
1.34k stars 548 forks source link

Will SGX be deprecated? #760

Open AlvinChen1028 opened 3 years ago

AlvinChen1028 commented 3 years ago

I check some of tigerlake CPUs, and find many tigerlake cpus don't support SGX, but some of them support TME (total memory encryption). Does it mean SGX will be deprecated?

andyzyb commented 2 years ago

SGX will only be supported on new server platforms. New client systems don't have SGX support.

AlvinChen1028 commented 2 years ago

@andyzyb How about TME? Any work need be done in SW side to adopt TME? SGX or TME is also very important for client system, as the client systems are more easy to be attacked than server like Thunderbolt DMA attacking.

daira commented 2 years ago

SGX will only be supported on new server platforms. New client systems don't have SGX support.

To me (a security researcher who has followed the attacks against SGX in detail), it makes no sense to continue support for SGX on servers if it is being deprecated on desktops. Deprecating it on desktop chips is a clear signal that:

The security arguments don't differ between desktop and servers. Is retaining it for servers just a face-saving exercise?

DemiMarie commented 2 years ago

SGX will only be supported on new server platforms. New client systems don't have SGX support.

To me (a security researcher who has followed the attacks against SGX in detail), it makes no sense to continue support for SGX on servers if it is being deprecated on desktops. Deprecating it on desktop chips is a clear signal that:

  • Protocol designers should not develop any further designs that rely on it;
  • Even Intel acknowledges that it can't be made secure.

The security arguments don't differ between desktop and servers. Is retaining it for servers just a face-saving exercise?

Personally, I am glad that new server platforms will have it. Signal makes use of it for private contact discovery, and doing this without SGX (or a similar technology) would be much more difficult. Also, SGX is a dependency of Intel’s Trusted Domain Extensions (TDX).

Maxul commented 2 years ago

Source: https://github.com/Maxul/Awesome-SGX-Open-Source/blob/master/SGX-vs-TDX.md

Fact: Intel has deprecated SGX in the 11th, 12th generations of Core processors [1] [2].

Q1: Was SGX completely deprecated by Intel?

A1: No. Only PC processors.

Q2: Why will Intel TDX replace Intel SGX?

Personally, I believe that Intel TDX is a good alternative to Intel SGX. TDX outperforms SGX for the following reasons:

  1. Compatibility: TDX provides VM abstraction, a natural fit for the cloud service provider. The VM abstraction can easily support any unmodified applications by a POSIX-compatible guest kernel or today's Unikernels [4]. Existing SGX LibOSes (Gamine [5] or Occlum [6]) are still working in progress to support various applications.

  2. Performance: TDX supports para-virtualization or even SR-IOV for high-performance I/O. On the contrary, SGX must involve expensive context switches for I/O intensive workloads. Although asynchrony was proven to assist, asynchrony has to bring more CPUs into busy looping.

  3. Security: TDX utilizes multi-key memory encryption (MKTME) and introduces a secure hypervisor (i.e., SEAM module) that minimizes the controlled-channel attacks than SGX.

  4. Utilization: SGX must statically partition the physical memory into two halves; the secure memory (i.e., enclave page cache or EPC) cannot be shared with the OS. TD (namely, encrypted VM) pages can be flexibly configured to be private, shared or public (unencrypted).

Given the above comparison, I do not see any wins for SGX. TDX supports remote attestation and memory encryption just like SGX does. Worse, recent scalable SGX on Xeon3 abandons memory integrity, making TDX and SGX almost the same security level. When TDX is released, SGX will probably be doomed in the long run.

Q3: Will Intel SGX be finally replaced by Intel TDX?

A3: Probably not. For two reasons:

[1] https://cdrdv2.intel.com/v1/dl/getContent/634648

[2] https://cdrdv2.intel.com/v1/dl/getContent/655258

[3] https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html

[4] http://unikernel.org/

[5] https://github.com/gramineproject/gramine

[6] https://github.com/occlum/occlum

ScottR-Intel commented 2 years ago

https://community.intel.com/t5/Blogs/Products-and-Solutions/Security/Rising-to-the-Challenge-Data-Security-with-Intel-Confidential/post/1353141

VicoChern commented 2 years ago

@ScottR-Intel , Based on the article, it seems both Intel SGX and Intel TDX are available for only Intel Xeon platform, how about the client platforms? Our customers are asking how to prevent the memory dumping attack for their clients, if the sensitive data in the memory are encrypted, then it makes the clients more secured. Does Intel have plan to support the memory encrypting on client platforms? Any information for that?

ScottR-Intel commented 2 years ago

Intel vPro Business Client platforms starting with 11th Gen, support Total Memory Encryption to encrypt memory. Here is more information on this feature: https://www.intel.com/content/dam/www/central-libraries/us/en/documents/white-paper-intel-tme.pdf . This feature provides protection against hardware snooping/memory dumping attacks. Unfortunately we currently don’t have any technology on our client platforms against privileged software dumping memory .