The recently introduced second generation of Intel SGX (SGXv2) lifts memory size limitations of the first generation. Theoretically, this promises to enable secure and highly efficient analytical DBMSs in the cloud. To validate this promise, in this paper, we conduct the first in-depth evaluation study of running analytical query processing algorithms inside SGXv2. Our study reveals that state-of-the-art query operators like radix joins and SIMD-based scans can indeed achieve high performance inside SGXv2 enclaves. These operations are orders of magnitude faster than joins optimized for the discontinued SGXv1 hardware. However, substantial performance overheads are still caused by subtle hardware and software differences influencing code execution inside an SGX enclave. We investigate these differences and propose new optimizations to bring the performance inside the enclave on par with native code execution outside an enclave.