English
Related papers

Related papers: Practical Enclave Malware with Intel SGX

200 papers

Intel SGX (Software Guard Extension) is a promising TEE (trusted execution environment) technique that can protect programs running in user space from being maliciously accessed by the host operating system. Although it provides hardware…

Cryptography and Security · Computer Science 2022-08-24 Yang Chen , Jianfeng Jiang , Shoumeng Yan , Hui Xu

Recent research has demonstrated that Intel's SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major…

Cryptography and Security · Computer Science 2019-12-13 Ferdinand Brasser , Srdjan Capkun , Alexandra Dmitrienko , Tommaso Frassetto , Kari Kostiainen , Ahmad-Reza Sadeghi

Intel Software Guard Extensions (SGX) is a promising hardware-based technology for protecting sensitive computations from potentially compromised system software. However, recent research has shown that SGX is vulnerable to branch-shadowing…

Cryptography and Security · Computer Science 2018-10-04 Shohreh Hosseinzadeh , Hans Liljestrand , Ville Leppänen , Andrew Paverd

Intel SGX Guard eXtensions (SGX), a hardware-supported trusted execution environment (TEE), is designed to protect security-sensitive applications. However, since enclave applications are developed with memory unsafe languages such as…

Cryptography and Security · Computer Science 2020-05-14 Huibo Wang , Mingshen Sun , Qian Feng , Pei Wang , Tongxin Li , Yu Ding

Intel(R) Software Guard eXtensions (SGX) is a hardware-based technology for ensuring security of sensitive data from disclosure or modification that enables user-level applications to allocate protected areas of memory called enclaves. Such…

Cryptography and Security · Computer Science 2017-11-01 Rodolfo Silva , Pedro Barbosa , Andrey Brito

Intel Software Guard Extensions (SGX) enables user-level code to create private memory regions called enclaves, whose code and data are protected by the CPU from software and hardware attacks outside the enclaves. Recent work introduces…

Operating Systems · Computer Science 2020-01-22 Youren Shen , Hongliang Tian , Yu Chen , Kang Chen , Runji Wang , Yi Xu , Yubin Xia

Modern ransomware often generate and manage cryptographic keys on the victim's machine, giving defenders an opportunity to capture exposed keys and recover encrypted data without paying the ransom. However, recent work has raised the…

Cryptography and Security · Computer Science 2021-07-21 Alpesh Bhudia , Daniel O'Keeffe , Daniele Sgandurra , Darren Hurley-Smith

The latest generation of Intel processors supports Software Guard Extensions (SGX), a set of instructions that implements a Trusted Execution Environment (TEE) right inside the CPU, by means of so-called enclaves. This paper presents…

Performance · Computer Science 2019-06-27 Sébastien Vaucher , Valerio Schiavoni , Pascal Felber

Hardware support for trusted execution in modern CPUs enables tenants to shield their data processing workloads in otherwise untrusted cloud environments. Runtime systems for the trusted execution must rely on an interface to the untrusted…

Operating Systems · Computer Science 2020-01-22 Christian Priebe , Divya Muthukumaran , Joshua Lind , Huanzhou Zhu , Shujie Cui , Vasily A. Sartakov , Peter Pietzuch

Content-based routing (CBR) is a powerful model that supports scalable asynchronous communication among large sets of geographically distributed nodes. Yet, preserving privacy represents a major limitation for the wide adoption of CBR,…

Distributed, Parallel, and Cluster Computing · Computer Science 2017-01-18 Rafael Pires , Marcelo Pasin , Pascal Felber , Christof Fetzer

Hardware-supported security mechanisms like Intel Software Guard Extensions (SGX) provide strong security guarantees, which are particularly relevant in cloud settings. However, their reliance on physical hardware conflicts with cloud…

Cryptography and Security · Computer Science 2018-10-04 Fritz Alder , Arseny Kurnikov , Andrew Paverd , N. Asokan

Intel SGX is known to be vulnerable to a class of practical attacks exploiting memory access pattern side-channels, notably page-fault attacks and cache timing attacks. A promising hardening scheme is to wrap applications in hardware…

Cryptography and Security · Computer Science 2022-12-29 Yuzhe Tang , Kai Li , Yibo Wang , Jiaqi Chen , Cheng Xu

We explore the use of SGX enclaves as a means to improve the security of handling keys and data in storage systems. We study two main configurations for SGX computations, as they apply to performing data-at-rest encryption in a storage…

Cryptography and Security · Computer Science 2018-06-29 Danny Harnik , Eliad Tsfadia , Doron Chen , Ronen Kat

User programs recover from hardware exceptions and respond to signals by executing custom handlers that they register specifically for such events. We present SIGY attack, which abuses this programming model on Intel SGX to break the…

Cryptography and Security · Computer Science 2024-04-23 Supraja Sridhara , Andrin Bertschi , Benedict Schlüter , Shweta Shinde

Integrity is critical for maintaining system security, as it ensures that only genuine software is loaded onto a machine. Although confidential virtual machines (CVMs) function within isolated environments separate from the host, it is…

Cryptography and Security · Computer Science 2024-10-25 Wenhao Wang , Linke Song , Benshan Mei , Shuang Liu , Shijun Zhao , Shoumeng Yan , XiaoFeng Wang , Dan Meng , Rui Hou

A promising approach for designing critical embedded systems is based on virtualization technologies and multi-core platforms. These enable the deployment of both real-time and general-purpose systems with different criticalities in a…

Software Engineering · Computer Science 2019-09-23 Luigi De Simone , Giovanni Mazzeo

We introduce a new timing side-channel attack on Intel CPU processors. Our Frontal attack exploits timing differences that arise from how the CPU frontend fetches and processes instructions while being interrupted. In particular, we observe…

Cryptography and Security · Computer Science 2021-06-08 Ivan Puddu , Moritz Schneider , Miro Haller , Srdjan Čapkun

Cloud providers are extending support for trusted hardware primitives such as Intel SGX. Simultaneously, the field of deep learning is seeing enormous innovation as well as an increase in adoption. In this paper, we ask a timely question:…

Cryptography and Security · Computer Science 2019-09-06 Karan Grover , Shruti Tople , Shweta Shinde , Ranjita Bhagwan , Ramachandran Ramjee

In modern computing environments, hardware resources are commonly shared, and parallel computation is widely used. Parallel tasks can cause privacy and security problems if proper isolation is not enforced. Intel proposed SGX to create a…

Cryptography and Security · Computer Science 2017-08-22 Ahmad Moghimi , Gorka Irazoqui , Thomas Eisenbarth

Enclaves, such as those enabled by Intel SGX, offer a powerful hardware isolation primitive for application partitioning. To become universally usable on future commodity OSes, enclave designs should offer compatibility with existing…

Cryptography and Security · Computer Science 2020-09-03 Shweta Shinde , Jinhua Cui , Satyaki Sen , Pinghai Yuan , Prateek Saxena