Visible to the public SaTC: CORE: Small: Collaborative: Oblivious ISAs for Secure and Efficient Enclave ProgrammingConflict Detection Enabled

Project Details

Lead PI

Performance Period

Aug 15, 2018 - Jul 31, 2021


University of Texas at Austin

Award Number

Computing on personal data is critical for both personal and social good. For example, we write programs that predict early onset medical conditions and detect the spread of diseases before they become epidemics. However, such computing is fraught with privacy concerns because programs, and the hardware they run on, create a trail of clues that an attacker can observe to reconstruct personal data without ever seeing the data directly. This project will create computer systems that proactively leave no clues, i.e., no side-effects that can leak personal secrets.

The technical approach is to introduce a new Oblivious Instruction Set Architecture (OISA) for side-channel secure execution. The key idea in OISAs is to decouple the programming model from the concrete techniques that prevent information leaks. The first project thrust will investigate a range of Oblivious instructions---from simple oblivious instructions like an oblivious conditional move or oblivious load to more complex instructions like oblivious sort or floating point operations---to improve performance. The second project thrust will investigate how each of these instructions can be ported across threat models, e.g., digital and power side channels.

By decoupling threat model from programming model, OISAs will unlock innovation on both software and hardware fronts. Programmers can focus on identifying secret variables that are intrinsic to applications, while abstracting out micro-architecture and threat model details. Hardware architects can focus on how to efficiently protect those secrets, and how to patch existing implementations when new threats emerge. To support this philosophy, the project will train a new class of students and researchers who can work across circuits, micro-architecture, compilers and applied cryptography to build secure systems and, in the future, apply the lessons learned to other high-impact problems that require cross-layer solutions.

The OISA project will store all publications, code, and data-sets on public-facing websites, hosted at both University of Texas and Illinois for at least 3 years after the end of the project. This information will be made available via commercial websites. Links to these websites will be mirrored at and