SGX-USB: Secure USB I/O Path for Secure Enclaves

Yeongjin Jang, Sejin Keem
January, 2024
PDF

Abstract

User input plays an essential role in computer security because it can control system behavior and make security decisions. Output from the system to users is also important because it often contains security-critical information that must be protected in terms of its integrity and confidentiality, such as passwords and user’s private data. Despite the importance of user input and output (I/O), modern computer systems often fail to provide necessary security guarantees for them, which could result in serious security breaches. To establish trust in the user I/O in a commodity computer system, we present SGX-USB, which combines three essential security properties: confidentiality, integrity, and authenticity, to ensure the assurance of user I/O. SGX-USB establishes a trusted communication channel between the USB controller and an enclave instance of Intel SGX. The implemented system supports common user input devices, such as keyboards and mice, over the trusted channel, ensuring the integrity of user input.

Type
Conference paper
Publication
In Proceedings of the 57th Hawaii International Conference on System Sciences (HICSS)
Yeongjin Jang
Yeongjin Jang
Principal Software Engineer

My research interests include cybersecurity/hacking, automated vulnerability discovery/analysis, secure system design, and applied cryptography.