English
Related papers

Related papers: Mitigating Branch-Shadowing Attacks on Intel SGX u…

200 papers

Intel SGX and hypervisors isolate non-privileged programs from other software, ensuring confidentiality and integrity. However, side-channel attacks continue to threaten Intel SGX's security, enabling malicious OS to manipulate PTE present…

Cryptography and Security · Computer Science 2025-09-05 Gang Liu , Ningjie Li , Cen Chen

Side-channel risks of Intel's SGX have recently attracted great attention. Under the spotlight is the newly discovered page-fault attack, in which an OS-level adversary induces page faults to observe the page-level access patterns of a…

Cryptography and Security · Computer Science 2026-03-03 Wenhao Wang , Guoxing Chen , Xiaorui Pan , Yinqian Zhang , XiaoFeng Wang , Vincent Bindschaedler , Haixu Tang , Carl A. Gunter

The latest generation of Intel processors supports Software Guard Extensions (SGX), a set of instructions that implements a Trusted Execution Environment (TEE) right inside the CPU, by means of so-called enclaves. This paper presents…

Performance · Computer Science 2019-06-27 Sébastien Vaucher , Valerio Schiavoni , Pascal Felber

Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot…

Cryptography and Security · Computer Science 2020-07-17 Tobias Cloosters , Michael Rodler , Lucas Davi

Trusted Execution Environments (TEEs), such as Intel's Software Guard Extensions (SGX), are increasingly being adopted to address trust and compliance issues in the public cloud. Intel SGX's second generation (SGXv2) addresses many…

Databases · Computer Science 2025-01-24 Adrian Lutsch , Muhammad El-Hindi , Matthias Heinrich , Daniel Ritter , Zsolt István , Carsten Binnig

Hardware-supported security mechanisms like Intel Software Guard Extensions (SGX) provide strong security guarantees, which are particularly relevant in cloud settings. However, their reliance on physical hardware conflicts with cloud…

Cryptography and Security · Computer Science 2018-10-04 Fritz Alder , Arseny Kurnikov , Andrew Paverd , N. Asokan

Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this…

Cryptography and Security · Computer Science 2017-01-05 Samuel Weiser , Mario Werner

Intel SGX enables memory isolation and static integrity verification of code and data stored in user-space memory regions called enclaves. SGX effectively shields the execution of enclaves from the underlying untrusted OS. Attackers cannot…

Cryptography and Security · Computer Science 2022-06-16 Flavio Toffalini , Mathias Payer , Jianying Zhou , Lorenzo Cavallaro

Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves. For instance, Intel's threat model for SGX assumes fully trusted enclaves, yet there is an ongoing debate on whether this threat…

Cryptography and Security · Computer Science 2019-02-12 Michael Schwarz , Samuel Weiser , Daniel Gruss

Besides Intel's SGX technology, there are long-running discussions on how trusted computing technologies can be used to cloak malware. Past research showed example methods of malicious activities utilising Flicker, Trusted Platform Module,…

Cryptography and Security · Computer Science 2022-11-02 Kubilay Ahmet Küçük , Steve Moyle , Andrew Martin , Alexandru Mereacre , Nicholas Allott

Modern processors can offer hardware primitives that allow a process to run in isolation. These primitives implement a trusted execution environment (TEE) in which a program can run such that the integrity and confidentiality of its…

Cryptography and Security · Computer Science 2021-05-14 Pedro Antonino , Wojciech Aleksander Wołoszyn , A. W. Roscoe

New hardware primitives such as Intel SGX secure a user-level process in presence of an untrusted or compromised OS. Such "enclaved execution" systems are vulnerable to several side-channels, one of which is the page fault channel. In this…

Cryptography and Security · Computer Science 2016-01-13 Shweta Shinde , Zheng Leong Chua , Viswesh Narayanan , Prateek Saxena

Security and privacy concerns in computer systems have grown in importance with the ubiquity of connected devices. TEEs provide security guarantees based on cryptographic constructs built in hardware. Intel software guard extensions (SGX),…

Cryptography and Security · Computer Science 2020-03-12 Rafael Pereira Pires

Intel Software Guard Extension (SGX) offers software applications enclave to protect their confidentiality and integrity from malicious operating systems. The SSL/TLS protocol, which is the de facto standard for protecting transport-layer…

Cryptography and Security · Computer Science 2017-09-28 Yuan Xiao , Mengyuan Li , Sanchuan Chen , Yinqian Zhang

Stream processing systems are important in modern applications in which data arrive continuously and need to be processed in real time. Because of their resource and scalability requirements, many of these systems run on the cloud, which is…

Cryptography and Security · Computer Science 2025-10-16 Hung Pham , Viet Vo , Tien Tuan Anh Dinh , Duc Tran , Shuhao Zhang

Exceptions are a commodity hardware functionality which is central to multi-tasking OSes as well as event-driven user applications. Normally, the OS assists the user application by lifting the semantics of exceptions received from hardware…

Cryptography and Security · Computer Science 2021-10-14 Jinhua Cui , Jason Zhijingcheng Yu , Shweta Shinde , Prateek Saxena , Zhiping Cai

Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a victim program via side-channel observations. Linearization (i.e., elimination) of secret-dependent control flow is the main countermeasure against…

Cryptography and Security · Computer Science 2025-02-12 Hans Winderix , Marton Bognar , Lesly-Ann Daniel , Frank Piessens

Trusted execution environments (TEE) such as Intel's Software Guard Extension (SGX) have been widely studied to boost security and privacy protection for the computation of sensitive data such as human genomics. However, a performance…

Cryptography and Security · Computer Science 2021-07-28 Chathura Widanage , Weijie Liu , Jiayu Li , Hongbo Chen , XiaoFeng Wang , Haixu Tang , Judy Fox

Network Function Virtualization (NFV) promises the benefits of reduced infrastructure, personnel, and management costs by outsourcing network middleboxes to the public or private cloud. Unfortunately, running network functions in the cloud…

Networking and Internet Architecture · Computer Science 2018-02-05 Dmitrii Kuvaiskii , Somnath Chakrabarti , Mona Vij

Machine learning has become a critical component of modern data-driven online services. Typically, the training phase of machine learning techniques requires to process large-scale datasets which may contain private and sensitive…

Cryptography and Security · Computer Science 2019-02-13 Roland Kunkel , Do Le Quoc , Franz Gregor , Sergei Arnautov , Pramod Bhatotia , Christof Fetzer