 My name is Vasili Sartakov and I would like to present you the actors framework The first question which I want to try for answer for which I want to try to find is why do we need another framework because A lot of frameworks why another one? Sure So Just for a cup Intel is geeks offer new system companies are calling claves in clays are part of user space applications And they isolated from and the code on data of enclaves are isolated from that of other enclaves So an enclave can let's say code from enclave can access data located in ring for inside application but cannot access data and code inside another enclave and Enclaves are protected from attacks based on physical access by the use of encryption of physical memory Removes the operating system and the hypervisor from the rustic computing base and offer very interesting features like local remote attestation and data seeding and more Intel offers Intel is geeks SDKs this is DK provides you necessary primitives to Programming claves and they do this in a very straightforward and easy way so you can create Function and decorate it in a special way then compile its function together with the Intel is geeks SDK and SDK generates binary or multiple binaries of enclaves and glue code Which allows to start or deploy enclaves? And this is a very intuitive use. So it's a just an RPC like manner of programming of enclaves. However, there is a problem To Enter into enclave you need to perform something called occul. So there are mechanisms for switching between untrusted and trusted execution environments and those transitions are very very slow compared to ordinary system calls switching between trusted and untrusted 50 times slow and more than 50 times loads only for the beginning and you will need to leave your enclave very very soon because Inside enclave you cannot directly interact with the kernel So if you want to interact with the kernel or use a function which is not located inside an enclave You need to leave this enclave again 50 times slower. For example, you have two threads There's two threads need to pass a critical section. They need to use mutex's mutex's requires the involvement of the kernel Both threads needs to leave the enclave. We have more than to be 200 times slower Synchronization mechanism compared to ordinary mutex's so it's very very slow As a response for this issue researchers provided several frameworks Frameworks like heavens con graphene sgx sgx lkl Panoply and maybe some other So more than five different frameworks L and they follow Same and different approaches at the same time So you don't need to leave an enclave if you can do everything what you need inside an enclave So for example, you can emulate some unavailable system calls inside an enclave and therefore you don't need to leave an enclave and Various projects abstract different layers of the software stack. So someone that's abstract The lipstick interface another project abstract the whole the deck let's say in the kernel interface But conceptually conceptually does frameworks have problem It's a monolithical design with a lot of there's a very huge trusted computing base So and this is a kind of irony you wanted to remove the complicated kernel from the trusted computing base But to run your legacy application you anyway put parts of the kernel inside this trusted environment So large TV is the problem however, there is another way and a Single host a single process can host multiple enclaves and this is a very interesting feature of SGX enclaves inside the one memory Insulated environment you can put multiple. I mean process you can put multiple enclaves. So Your program can consist of multiple mutually distrusted components located inside different enclaves What can be what application can be for example? You have a message server like it's MPP server and you want to make Group chats you can put a one group chat inside one enclave another group chat another another enclave So they will be protected in in the case of interusion this data will be protected obviously and at the same time Since it's the one single service Clients should you or should have a mechanism for to interact through enclaves another example was considered by People from Microsoft. Thank you very nice exact multi-party computation when you have multiple mutually distrusted binaries, but those binaries Bill which belong to different owners should perform a mathematical function or Find the consensus or make a decision together without involve without Exposing of internal values in the simple case you have several Isolated parties each party has is located inside of the enclave For example, this enclave has a secret value inside and three parties should Perform a mathematical sum without in exposing of open values So for that again, you need to have multiple enclaves You need to have a mechanism for interaction between them and at the same time It should be one unique application, but not a distributed set of desolated or distributed set of different applications and to implement such applications you need to have a programming framework and you need to have a necessary system support and I think the right way is to do this by the applying of the actor on the conception of actors Because actors conceptually are not blocking entities and and therefore and they follow the conception of no sharing So you don't need to involve synchronization primitives So you don't need to leave an enclave. You don't need to develop mechanism for synchronization is in the enclave So it's a very easy so they don't use locks In conception, they are very lightweight. So it's a very nice from the point of view of another problem related to sgx enclaves It's a EPC problem. So there is a problem of paging if the size of falling cleaves reaches Let's say near 92 megabytes. So actors And of course, there are many actor-based systems and the problem that they very heavy It's very complicated. Well, it's not very complicated to port Let's say a long VM into sgx. The question is what overhead will you have if you port this? so we we can use but this very high overhead Erlang Java and Conceptually those frameworks are not tailored for Trusted execution environment. So yes, you can run it, but they are not you they they don't use features of In place and that's the reason why I decided we need another framework and I will present you today So it's the actors is the actor-based framework As many other factor-based frameworks To describe it, I will answer three questions. What an actor is what is an actor? How does actor communicate and what system support the framework provides? This figure shows a general view of the actor of the application of an application written in this framework, so there are several enclaves one in two and There are actors They are called the actor in the it's a notion of an actor in this framework. So there are four actors and Two actors are located inside one enclave to other actors located in another enclave and there are workers Workers technically are p threads physical threads That's provided execution context for actors So actors itself are passive entities and they can act only if they have Execution context and there are bindings between actors and enclaves for example, you see two actors inside this enclave two actors inside this enclave Workers to CPUs. It's a CPU affinity. You can say that this thread will work will be attached to this CPU It can be very useful from the point of view of performance and optimization and actors to workers as I said workers provide execution context to create this application you need to Have the framework the source code of your actors and the XML file that describes the deployment scenario itself, so The be the number one aim of the framework is to provide the very simple tools Which help you to build a very flexible application today For example, you wanted to put all actors inside one enclave tomorrow Let's say you want to have five different enclaves and the switching between actors between enclaves should be very very easy from the point of view of the developer and Deployment scenarios are encoded in or stored inside an XML while you don't need to fix the source code of your Application if you want to change the deployment and the framework itself generates binary binaries of Enclave so for example, we have five way enclaves the framework will generate you five different Enclave and each enclave will have only Uses it inside this enclave source code of actors So they're very lightweight without unnecessary code inside And this is a very simple application. So there is a constructor for an actor. So this a constructor initialize that usually initializes Communication interface between other actors and actors. This is the body function of the actor So by definition an actor can interact with other actors only by messages So actually what's going on we receive or send message and we will react We're this actor reacts if this actor receives a message point from another actor Question number one how does actor can interact with each other and they use nodes It's a abstraction which describes. It's a fundamental abstractions for messaging for messaging So it's technically it's a part of memory and this part of memory can be Trusted located inside an enclave or can be untrusted located outside an enclave It consists of two components. There is a header and there is a payload. So it's a just There is payload as memory for data and there is a header header is used to enqueue and to enqueue multiple nodes into queues and All nodes are located at the start. So it's part of the framework Then the framework provides API to deal with those queues. So very obvious double-linked list with Lee 4 and 5 for interfaces synchronization of Notes are protected by the use of hardware localization It's a very very high performance synchronization mechanism without any side effects compared without any side effects and This primitive can be used by Multi-producers and multi-consumers. So you just have a queue there You have set of factors that can write to this queue and set of factors that read from this queue Let's consider an example. We have two actors ping and punk and they located inside different enclave to send a message from enclave one to enclave two The first actor should have access to pull off empty messages and to inbox abstraction So firstly ping needs to dequeue an empty node from pool Right and after that the first actor will get exclusive access to this node No one else can read and write it and even access to refer somehow Then enclave can that actor can write data inside this enclave and side this node Then this node must be included into an inbox. So that and then by the way can be encrypted to non-encrypted Should be and huge into inbox at the same time the second actor tries to dequeue messages from the same inbox and succeed it will get Success it will get exclusive access again Safely read data inside that enclave decrypted if it's if it's necessary and then it needs to read me it need to return It needs to return Use it node back to the pool. So very simple and This abstraction can be as I said can be used by multi producers and multi consumers But by default communication are not encrypted So you mean because because of multiple reasons and the framework provides more complicated abstractions on top of this very simple interface those abstractions are called car coaster connectors and They provide Encrypted can can be encrypted to non encrypted with absolutely the same interface So for example today you have two actors you place it those two actors inside an enclave and obviously you don't need to use encryption because Because those Actors are protected by his geeks itself. So therefore you don't need to spend time to encrypt it But tomorrow let's say you want to create two independent enclaves put two different actor into different enclaves And obviously you need to have a mechanism for which which you encrypt your messages and car coaster connectors offer this Abstraction so with the same source code just by switching one or two source line of code you can turn your Non-encrypted messages into encrypted messages. However, of course there are It's not for free. So this interface can be used only by single producer single consumer peer-to-peer form But the framework for Mechanisms for remote for local attestation during the key exchange procedure So if you have let's say five enclaves with five different actors And those actors have five in the four. Let's say independent Communication channels the framework will generate necessary glue Necessary Check sounds which will help you to establish Encrypted connections by the use of local attestation What's what else the framework offers several system components Because you cannot use well, you shouldn't use E-calls inside an enclave and therefore you need to use messages to get access to System companies that are unavailable inside the enclave For that the framework offers system Actors, they are untrusted they're working outside the enclaves and they interact with all other actors by the messages Because it's actor-based framework. So for example And those actors implement mechanisms so that can be a system call for read for write for pipe for interaction with pipe Read write to the file system if you want. So it's just mechanism And you for example, if you want to open the file, you need to send a message this actor will perform this mechanism It will open the file and send back file descriptor So the same system actor can be simultaneously used by multiple other actors because because it doesn't Store it doesn't have a state Another thing so now we can have access to any hardware from our in-clays is the same interface and But anyway, sometimes you need to have a mechanism to To don't To store data inside an enclave is outshare the state. It's a sound a bit strange. I will explain so Conceptually actors cannot have state and cannot have access to share it entity, but at the same time Instead of saying for example have a one message and you need to send this message to let's say five or ten Actors and since this message is absolutely the same Sending five or ten sequential messages is inefficient so in Actors-based framework there is a conception of Object store which is not a store as a share it entity So you may consider object store as a set of cues a set of persistent cues where you put data But into this queue, but this Data can be accessed by or reading by multiple actors without Without any problems. So the framework offers the e-access object store. It's a technically it's a atomic k-value store It can be private. It can be public. So it's not an active entity. It's a set of apis so Set of apis that can be invoked by actors So any piece of memory if it has a necessary size can be turned into object store and Actors who has access to it can read and write to the store Also this store can be Persistent for example you can map A file into untrusted memory and turn this map it memory into object store so it will have persistence on demand That's all regarding the design the Question which I want to show you the answer later is to show you how to how fast is the communication primitives because The original motivation was we want to ammede the use of E-calls and or-calls and for that we use asynchronous messages are how fast are they? for that let's consider two and two actors located inside different enclaves and in this case they use E-calls to leave an enclave to send the message to another one and Messages used by and and boxes used by two different actors written on top of different work So this is very simple ping-pong Example we is one messages with this messages Have different size starting from 60 bytes up to one megabyte half of a megabyte Two threads so there is thread one. There is the rule everything is honest again different threads Just the same actors just different synchronization mechanism This is the performance of of the SDK As you can see there is a pike which is near 32 K. It's exactly size of the first line cache Because when you transfer message from Trusted area to trust it by the use of or-calls there is a martial in mechanism which copies data from one memory to another and Obviously if this memory fits into the a1 cache this works very very fast So this is the end of the cache and it has let's say steady a layer after 128 K And this is the performance for your actors so much much faster Very fast And because I was using in this example Cargos so as I said you can very easily to switch from it was to switch a cargo from encrypted into non-encrypted former vice-versa This is the performance for encrypted cargoes. So encrypted even encrypted cargoes approximately Three times faster than non-encrypted non-encrypted equal-basic messages and the difference between Non-encrypted cargoes and equals approximately 30 times So this interface is very fast and you can write very very high performance application on top of this framework Sources are available You can check if you want there are several examples here There is a template so which which shows an ordinary hello-world application There are there is a set of various pinepongs that use encrypted non-encrypted Cargo-basic the non-cargo-basic messages. Also, there is network version of this pinepong application And there is a huge set of various forms of local attestation Diffie-Hailman and something else So at least there's your three different pinepongs Which use different for mechanisms to establish an encrypted connection? Also, there is an example for secure multi-party computation. It's a secure assume or some the e-octr subject store and there is an HTTP web server Which provides SSL connection? Yes, unfortunately this address is wrong, but there is a service primat Dot IBR here should be primat. It's the title. It's a group site It's a site of our group and this site is Hosted on top of the framework. So it shows how how exactly you can terminate SSL inside an enclave and how you can write HTTP based application on top of this framework Let's talk about future plans Because this project was a kind of a research project. It's written in C very safe language Obviously, you may ask a lot of questions about the applicability of this framework in general and one of the primary problem Is how to make the programming language and the environment more? Let's say more safe. So currently I'm working on the hardening of Of the framework here will be instrumentation mechanism Provided by LLVM which will Limit of memory access that can be accessed by different actors. So we at the end this mechanism will help solve problems related to Uncontrolled access to memory by the C language Mechanisms for partitioning because the framework provides mechanism for easy Deployment and obviously it will be nice to have a mechanism to self deployment or Self partitioning of and of actors because actors are independent that They can be split it without or partition it without any any dependencies and problems So this is the another direction of the work Of course multi-enclave applications so though so the framework was developed to To give a tool to build such multi-enclave applications The HTTP server will be improved. It will support multiple domains and There is there is there are some additional ideas related to IOT and Currently the framework relies on the Intel SGX SDK Which is not very good from performance from security point of view. So probably we will try to Remove this legacy So Thank you very much Questions Yes, please I cannot give you numbers but conceptually All the synchronous cues asynchronous called by SGX SDK and these interface they absolutely I mean conceptually is the same you have to tread one thread inside an enclave once a one thread another Outsided enclave and there is charit memory, which is used to enqueue and dequeue a data So it will be the primitive as a primitive. It's a near the same as a limitation. Well, I Cannot compare this which less cold but calls but There is no many things that you can apply so you can use atomic instructions you can use hardware localization and you can use In nothing else. So maybe two two approaches and spin locks. So three different approaches. So they near the same performance These scales differently, but conceptually the same So you can assume that Switchless calls mean has near the same performance Yes, please Like So the question is How local attestation works I will paraphrase this if you don't mind So the framework provides Primitives to create Encrypted channels by the use of local attestation and during the compiling fast the environment generates Signatures so a marine clave if you know what is it signatures of each enclave and You need to have let's say the root of trust so some one enclave that includes all marine claves Signatures inside so it's a sequential process. There is a root of trust There is the first enclave this enclave has a set of all or maybe subset of enclaves Communication channels and then you establish one two three four five. Let's say and sequentially They perform local attestation. So of course it's Cannot be very general approach. So currently it's tailored for Sequential initialization of in place and sequential generation of encrypted channels but this Job significant this environment significantly reduces the complexity of this procedure So if you can map your application to this design so like you can Sequentially establish connections between several in place Yes, you can apply in this framework immediately and the framework will generate necessary parts. Otherwise, well, otherwise you will need to Create let's say a Z got or something very Initial very very root of root of trust and this root of trust will establish connections between different Enclave so this will require you to modify the framework. Yes, please Managed Very very good question. The question is what about namespace inside it inside the network inside the framework to distinguish different actors and I would say no, there is no mechanism there is no mechanism for that because come you are absolutely right. So name discovery so this car or mechanism beach maps that maps Actors to unique names Well would be it's very complicated in general in distributed systems. So in the framework There is a mechanism for naming at it and identification of actors at the source code level so a tool which A tool that generates Binary's know something about source code of actors and their names But there is no independent mechanism for name discovery Yeah question I Wouldn't say this is a very recent so this diagram let's say two years old I would say that Each each microcode update cuts performance Very very significant I would say so this is the problem of updates Exactly The question is do Is this the right way to use messages instead of for equals At the beginning I did not consider so at some moment for some applications I thought that the use of equals is okay, but Now I don't think so. So I still believe that and I see this in numbers that a synchronous interface is much better However, it has significant drawback Because you cannot stop a threat inside the enclave and this threat anyway, we'll need to leave the enclave at some moment so And which means that anyway at some moment for some reason Or due to the reasons of scalability all any of my threat will leave them in place So in some form or call still exist, but the programming model doesn't rely on this that that's the pot. This is important Yes, please Please okay, how much time do you have? Yes, please As his own machine or version machine and then So what you're suggesting is that we get all bring off one single CPU and therefore get more efficiency because stuff is running More locally now this bears the question If we have to be distributed models right now Can you map them to your local thing? So assume this stuff is already running as people will be okay We want to do this First of all, yes Distributed the problems of distributed computing Applied for this design. Absolutely without any Exempt, let's say. I also consider this form of secure multiparty computation is a Mechanism to improve performance exactly so instead of let's say five different Separate machines like servers located in different Countries, let's say you have a platform where you upload your binaries and there they represent your original server and In this local in this local place They can compute much faster and then go back. Let's say that so that's the design in the background But but of course the problems related to try I mean the consensus Every funny BFT a raft and other stuff can be applied and should be of course We we don't solve this and we cannot solve this I think Locally on a Okay, thank you When you schedule your actor Because Firstly you can provide some mechanisms for some of the mechanism for setting Affinity was it exactly for this so when you want to color kate your code and data within the same core of the same core and If you want to and if you need a mechanism for scheduling this this mechanism also can be implemented at their Assignment level not inside in the source code. However This not It's not the primary approach to solve this problem I mean the problem when you need to leave an enclave and the best way I found it's not a part of the framework, but you need to have a Let's say at some moment when you cannot Get a message you need to leave an enclave manually, but you do this for not random, but Let's say statically identify statistically identified in per interval of time. There is nothing better. Oh, I don't know Thank you