English
Related papers

Related papers: Mitigating Branch-Shadowing Attacks on Intel SGX u…

200 papers

Protected-module architectures (PMAs) have been proposed to provide strong isolation guarantees, even on top of a compromised system. Unfortunately, Intel SGX -- the only publicly available high-end PMA -- has been shown to only provide…

Cryptography and Security · Computer Science 2017-12-25 Raoul Strackx , Frank Piessens

Intel SGX has been a popular trusted execution environment (TEE) for protecting the integrity and confidentiality of applications running on untrusted platforms such as cloud. However, the access patterns of SGX-based programs can still be…

Cryptography and Security · Computer Science 2020-09-09 A K M Mubashwir Alam , Sagar Sharma , Keke Chen

Trusted Execution Environments, such as Intel SGX, use hardware supports to ensure the confidentiality and integrity of applications against a compromised cloud system. However, side channels like access patterns remain for adversaries to…

Cryptography and Security · Computer Science 2023-08-15 AKM Mubashwir Alam , Justin Boyce , Keke Chen

Forking attacks against TEEs like Intel SGX can be carried out either by rolling back the application to a previous state, or by cloning the application and by partitioning its inputs across the cloned instances. Current solutions to…

Cryptography and Security · Computer Science 2023-10-05 Samira Briongos , Ghassan Karame , Claudio Soriente , Annika Wilde

The last level cache is vulnerable to timing based side channel attacks because it is shared by the attacker and the victim processes even if they are located on different cores. These timing attacks evict the victim cache lines using small…

Cryptography and Security · Computer Science 2019-09-30 Kartik Ramkrishnan , Antonia Zhai , Stephen McCamant , Pen Chung Yew

Embedded devices in the Internet of Things (IoT) face a wide variety of security challenges. For example, software attackers perform code injection and code-reuse attacks on their remote interfaces, and physical access to IoT devices allows…

Cryptography and Security · Computer Science 2018-02-20 Mario Werner , Thomas Unterluggauer , David Schaffenrath , Stefan Mangard

Intel(r) Software Guard Extensions (SGX) was originally released on client platforms and later extended to single socket server platforms. As developers have become familiar with the capabilities of the technology, the applicability of this…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-07-14 Simon Johnson , Raghunandan Makaram , Amy Santoni , Vinnie Scarlata

As power consumption from AI training and inference continues to increase, AI accelerators are being integrated directly into the CPU. Intel's Advanced Matrix Extensions (AMX) is one such example, debuting on the 4th generation Intel Xeon…

Cryptography and Security · Computer Science 2025-10-06 Joshua Kalyanapu , Farshad Dizani , Darsh Asher , Azam Ghanbari , Rosario Cammarota , Aydin Aysu , Samira Mirbagher Ajorpaz

Modern processors have suffered a deluge of threats exploiting branch instruction collisions inside the branch prediction unit (BPU), from eavesdropping on secret-related branch operations to triggering malicious speculative executions.…

Cryptography and Security · Computer Science 2022-04-22 Tao Zhang , Timothy Lesch , Kenneth Koltermann , Dmitry Evtyushkin

To mitigate interrupt-based stepping attacks (notably using SGX-Step), Intel introduced AEX-Notify, an ISA extension to Intel SGX that aims to prevent deterministic single-stepping. In this work, we introduce AEX-NStep, the first interrupt…

Cryptography and Security · Computer Science 2025-10-17 Nicolas Dutly , Friederike Groschupp , Ivan Puddu , Kari Kostiainen , Srdjan Capkun

MapReduce is a programming model used extensively for parallel data processing in distributed environments. A wide range of algorithms were implemented using MapReduce, from simple tasks like sorting and searching up to complex clustering…

Distributed, Parallel, and Cluster Computing · Computer Science 2017-05-17 Rafael Pires , Daniel Gavril , Pascal Felber , Emanuel Onica , Marcelo Pasin

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that…

Cryptography and Security · Computer Science 2020-01-30 Matteo Busi , Job Noorman , Jo Van Bulck , Letterio Galletta , Pierpaolo Degano , Jan Tobias Mühlberg , Frank Piessens

A protocol for two-party secure function evaluation (2P-SFE) aims to allow the parties to learn the output of function $f$ of their private inputs, while leaking nothing more. In a sense, such a protocol realizes a trusted oracle that…

Process-based confidential computing enclaves such as Intel SGX can be used to protect the confidentiality and integrity of workloads, without the overhead of virtualisation. However, they introduce a notable performance overhead,…

Cryptography and Security · Computer Science 2021-12-15 Jakob Svenningsson , Nicolae Paladi , Arash Vahidi

Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs. Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge,i.e., indirect calls through function pointers and virtual calls.…

Cryptography and Security · Computer Science 2019-11-26 Nathan Burow , Xinping Zhang , Mathias Payer

Trusted Execution Environments (TEEs) are gaining popularity as an effective means to provide confidentiality in the cloud. TEEs, such as Intel SGX, suffer from so-called rollback and cloning attacks (often referred to as forking attacks).…

Cryptography and Security · Computer Science 2026-01-15 Annika Wilde , Samira Briongos , Claudio Soriente , Ghassan Karame

Since its debut, SGX has been used in many applications, e.g., secure data processing. However, previous systems usually assume a trusted enclave and ignore the security issues caused by an untrusted enclave. For instance, a vulnerable (or…

Cryptography and Security · Computer Science 2020-10-26 Yuan Chen , Jiaqi Li , Guorui Xu , Yajin Zhou , Zhi Wang , Cong Wang , Kui Ren

Hardware support for trusted execution in modern CPUs enables tenants to shield their data processing workloads in otherwise untrusted cloud environments. Runtime systems for the trusted execution must rely on an interface to the untrusted…

Operating Systems · Computer Science 2020-01-22 Christian Priebe , Divya Muthukumaran , Joshua Lind , Huanzhou Zhu , Shujie Cui , Vasily A. Sartakov , Peter Pietzuch

Dynamic partial reconfiguration enables multi-tenancy in cloud-based FPGAs, which presents security challenges for tenants, IPs, and data. Malicious users can exploit FPGAs for remote side-channel attacks (SCAs), and shared on-chip…

Cryptography and Security · Computer Science 2023-03-14 Mahya Morid Ahmadi , Faiq Khalid , Radha Vaidya , Florian Kriebel , Andreas Steininger , Muhammad Shafique

Spectre attacks and their many subsequent variants are a new vulnerability class affecting modern CPUs. The attacks rely on the ability to misguide speculative execution, generally by exploiting the branch prediction structures, to execute…

Cryptography and Security · Computer Science 2019-12-06 Esmaeil Mohammadian Koruyeh , Shirin Haji Amin Shirazi , Khaled N. Khasawneh , Chengyu Song , Nael Abu-Ghazaleh