We present Citadel, to our knowledge, the first side-channel-resistant enclave platform to run realistic secure programs on a speculative out-of-order multicore processor. First, we develop a new hardware mechanism to enable secure shared memory while defending against transient execution attacks. Then, we develop an efficient dynamic cache partitioning scheme, improving both enclaves' and unprotected processes' performance. We conduct an in-depth security analysis and a performance evaluation of our new mechanisms. Finally, we build the hardware and software infrastructure required to run our secure enclaves. Our multicore processor runs on an FPGA and boots untrusted Linux from which users can securely launch and interact with enclaves. We open-source our end-to-end hardware and software infrastructure, hoping to spark more research and bridge the gap between conceptual proposals and FPGA prototypes.

翻译：我们提出了 Citadel，据我们所知，这是首个在推测乱序多核处理器上运行实际安全程序的抗侧信道攻击飞地平台。首先，我们开发了一种新型硬件机制，在抵御瞬态执行攻击的同时实现安全共享内存。随后，我们设计了一种高效的动态缓存分区方案，同时提升了飞地程序与无保护进程的性能。我们对新机制进行了深入的安全分析与性能评估。最后，我们构建了运行安全飞地所需的硬件与软件基础设施。该多核处理器在FPGA上运行，并启动不受信任的Linux系统，用户可在此系统上安全启动飞地并进行交互。我们开源了端到端的硬件与软件基础设施，期待以此激发更多研究，并弥合概念性方案与FPGA原型之间的鸿沟。