E3X: Encrypt-Everything-Everywhere ISA eXtensions for Private Computation

Abstract

The rapid increase of recent privacy attacks has significantly decreased trust on behalf of the users. A root cause to these problems is that modern computer architectures have always been designed for performance, while security protections are traditionally addressed reactively. Practical security protections, such as Intel SGX, rely on processing unencrypted data in the architectural state, which leaves them exposed to software attacks (e.g., SGXpectre). This work revisits the traditional computation stack and introduces a novel computation paradigm, where data is never decrypted in the architectural state. Through our architecture, data are protected with symmetric or asymmetric encryption and the programmer manipulates them directly in the encrypted domain. To increase performance, we exploit data locality by introducing decryption caches in the microarchitectural state. Our proposal addresses all abstraction levels in the computation stack: from microarchitecture to library support for high-level programming. The proposed architecture is instantiated through new assembly instructions, registers and functional units operating on large integers. In our evaluation, we extend the OpenRISC 1000 architecture and develop open-source libraries for C++. As a case study, we employ data-oblivious benchmarks and observe that for benchmarks with high temporal locality, our architecture can achieve comparable performance to processing unencrypted data.