Cryonics: Trustworthy Function-as-a-Service using Snapshot-based Enclaves

Recent research has proposed the use of trusted execution environments (TEEs), such as SGX, in serverless computing to safeguard against threats from insecure system software, malicious co-located tenants, or suspicious cloud operators. However, integrating SGX, one of the most mature TEEs, with serverless computing results in significant performance degradation due to the function startup latency caused by enclave creation. This performance degradation arises because SGX is not designed with serverless function startup procedures in mind, where numerous application codes, libraries, and data are re-initialized upon each function invocation. The inherent limitations of SGX contribute to significant performance degradation, whether through the addition of every page into the enclave or the restriction of page permissions, both of which ultimately cause TLB flushes, context switches, and enclave re-entry. In this paper, we first make key observations about the intrinsic features of serverless functions and propose Cryonics, a method of serving snapshot-based enclaves that accelerates the startup time of a function instance by creating a future-proof working set of that instance. We consider the page locality and obsolete pages of the enclaved function instance to create a lightweight working set used for serving requests. Our evaluation shows that Cryonics achieves up to 100x faster startup time than existing cold-start-based methods and that its startup time is stable.
Publisher
ACM
Issue Date
2023-10-30
Language
English
Citation

SoCC '23: ACM Symposium on Cloud Computing

DOI
10.1145/3620678.3624789
URI
http://hdl.handle.net/10203/315714
Appears in Collection
EE-Conference Papers(학술회의논문)