English

Leaking Uninitialized Secure Enclave Memory via Structure Padding (Extended Abstract)

Cryptography and Security 2017-10-26 v1

Abstract

Intel software guard extensions (SGX) aims to provide an isolated execution environment, known as an enclave, for a user-level process to maximize its confidentiality and integrity. In this paper, we study how uninitialized data inside a secure enclave can be leaked via structure padding. We found that, during ECALL and OCALL, proxy functions that are automatically generated by the Intel SGX Software Development Kit (SDK) fully copy structure variables from an enclave to the normal memory to return the result of an ECALL function and to pass input parameters to an OCALL function. If the structure variables contain padding bytes, uninitialized enclave memory, which might contain confidential data like a private key, can be copied to the normal memory through the padding bytes. We also consider potential countermeasures against these security threats.

Keywords

Cite

@article{arxiv.1710.09061,
  title  = {Leaking Uninitialized Secure Enclave Memory via Structure Padding (Extended Abstract)},
  author = {Sangho Lee and Taesoo Kim},
  journal= {arXiv preprint arXiv:1710.09061},
  year   = {2017}
}

Comments

4 pages

R2 v1 2026-06-22T22:24:53.367Z