Formally Verifying Trusted Execution Environments with UCLID5
Pranav Gaddamadugu
EECS Department, University of California, Berkeley
Technical Report No. UCB/EECS-2021-200
August 13, 2021
http://www2.eecs.berkeley.edu/Pubs/TechRpts/2021/EECS-2021-200.pdf
Hardware enclaves provide integrity and confidentiality guarantees of a remote execution on a machine owned by an untrusted third party using hardware-enforced isolation and attestation mechanisms. Although the sophistication of enclave designs has been increasing, few are formally verified. In this work, we use a formal tool, called UCLID5, to model and verify an abstract enclave platform. We then extend our standard model to encompass a novel extension of the Keystone enclave platform called Cerberus, which enables secure and efficient multiprocessing inside enclaves and reduces enclave initialization latency. We use UCLID5 to formally verify that Cerberus provides strong integrity and confidentiality guarantees to enclave programs.
Advisors: Sanjit A. Seshia
BibTeX citation:
@mastersthesis{Gaddamadugu:EECS-2021-200, Author= {Gaddamadugu, Pranav}, Title= {Formally Verifying Trusted Execution Environments with UCLID5}, School= {EECS Department, University of California, Berkeley}, Year= {2021}, Month= {Aug}, Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2021/EECS-2021-200.html}, Number= {UCB/EECS-2021-200}, Abstract= {Hardware enclaves provide integrity and confidentiality guarantees of a remote execution on a machine owned by an untrusted third party using hardware-enforced isolation and attestation mechanisms. Although the sophistication of enclave designs has been increasing, few are formally verified. In this work, we use a formal tool, called UCLID5, to model and verify an abstract enclave platform. We then extend our standard model to encompass a novel extension of the Keystone enclave platform called Cerberus, which enables secure and efficient multiprocessing inside enclaves and reduces enclave initialization latency. We use UCLID5 to formally verify that Cerberus provides strong integrity and confidentiality guarantees to enclave programs.}, }
EndNote citation:
%0 Thesis %A Gaddamadugu, Pranav %T Formally Verifying Trusted Execution Environments with UCLID5 %I EECS Department, University of California, Berkeley %D 2021 %8 August 13 %@ UCB/EECS-2021-200 %U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2021/EECS-2021-200.html %F Gaddamadugu:EECS-2021-200