Erlang SGX - Protecting Confidential Erlang Workloads with Intel SGX

Abstract

Secure enclaves, such as Intel sgx, provide a trusted execution environment which offers integrity and confidentiality guarantees to supported applications. In this thesis, we show how Erlang can be protected to harden telecommunication workloads by utilizing hardware-based Intel sgx. First, we demonstrate how an untrusted Erlang runtime can execute trusted c code inside of sgx via Erlang C Nodes and nifs. A possible use case is the protection of cryptographic functionality which is demonstrated with OpenSSL inside of sgx, callable from Erlang. Second, to protect the Erlang runtime itself, a number of alternatives are explored as to enable execution of Erlang code inside of the enclave. However, Erlang ships with beam, an advanced virtual machine, which performs frequent syscalls and io activity that drastically increases the complexity of porting it to sgx enclaves. Therefore, two prominent third-party frameworks are tested which aim to support generic applications inside of sgx: the Library os Graphene and the shim-layer solution scone. Third, alternatives to implement a custom solution are discussed which could yield performance and security benefits over the generic frameworks while protecting an Erlang runtime. The complete source code for this thesis is available under a permissive bsd 3 license.