Using Intel SGX to Enforce Auditing of Running Software in Insecure Environments
- Source :
- CloudCom
- Publication Year :
- 2018
- Publisher :
- IEEE, 2018.
Abstract
- In this work we propose a strategy using Intel SGX processors to guarantee the use of audited applications in insecure environments. A cloud-based toolchain allows auditors to assess if the user's application meets specifications and standards, to generate the final binaries, and to cryptographically sign them. It also generates a manifesto containing information to verify the authenticity of the audited software binaries. An SGX-based binary loader (inserted by the cloud-based toolchain during the application's building process) writes down auditing data that is encrypted and sealed by SGX functions to form reliable proofs that the original audited software is the one running. As a proof-of-concept, a Linux kernel was modified in order to cryptographically measure all processes being executed and send these results to an SGX application. An analysis was carried out to measure the performance of the altered system. On average, a system consistently running the audit increased the execution time of each process by 20 to 30%.
- Subjects :
- 060201 languages & linguistics
Computer science
business.industry
Process (computing)
Linux kernel
Cloud computing
06 humanities and the arts
02 engineering and technology
computer.software_genre
Encryption
Execution time
Toolchain
Loader
Software
0602 languages and literature
0202 electrical engineering, electronic engineering, information engineering
Operating system
020201 artificial intelligence & image processing
business
computer
Software measurement
Details
- Database :
- OpenAIRE
- Journal :
- 2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)
- Accession number :
- edsair.doi...........6ed5de624569d3d64614e4f9331175b8
- Full Text :
- https://doi.org/10.1109/cloudcom2018.2018.00054