English
Related papers

Related papers: SGX-LKL: Securing the Host OS Interface for Truste…

200 papers

Intel(r) Software Guard Extensions (SGX) was originally released on client platforms and later extended to single socket server platforms. As developers have become familiar with the capabilities of the technology, the applicability of this…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-07-14 Simon Johnson , Raghunandan Makaram , Amy Santoni , Vinnie Scarlata

Trusted execution environments (TEEs) such as \intelsgx facilitate the secure execution of an application on untrusted machines. Sadly, such environments suffer from serious limitations and performance overheads in terms of writing back…

Cryptography and Security · Computer Science 2022-05-16 Sandeep Kumar , Abhisek Panda , Smruti R. Sarangi

We explore the use of SGX enclaves as a means to improve the security of handling keys and data in storage systems. We study two main configurations for SGX computations, as they apply to performing data-at-rest encryption in a storage…

Cryptography and Security · Computer Science 2018-06-29 Danny Harnik , Eliad Tsfadia , Doron Chen , Ronen Kat

Enclaves have emerged as a particularly compelling primitive to implement trusted execution environments: strongly isolated sensitive user-mode processes in a largely untrusted software environment. While the threat models employed by…

Cryptography and Security · Computer Science 2018-12-31 Ilia Lebedev , Kyle Hogan , Jules Drean , David Kohlbrenner , Dayeol Lee , Krste Asanović , Dawn Song , Srinivas Devadas

Hardware-supported security mechanisms like Intel Software Guard Extensions (SGX) provide strong security guarantees, which are particularly relevant in cloud settings. However, their reliance on physical hardware conflicts with cloud…

Cryptography and Security · Computer Science 2018-10-04 Fritz Alder , Arseny Kurnikov , Andrew Paverd , N. Asokan

A promising approach for designing critical embedded systems is based on virtualization technologies and multi-core platforms. These enable the deployment of both real-time and general-purpose systems with different criticalities in a…

Software Engineering · Computer Science 2019-09-23 Luigi De Simone , Giovanni Mazzeo

In-storage computing with modern solid-state drives (SSDs) enables developers to offload programs from the host to the SSD. It has been proven to be an effective approach to alleviating the I/O bottleneck. To facilitate in-storage…

Cryptography and Security · Computer Science 2022-05-16 Yuqi Xue , Luyi Kang , Weiwei Jia , Xiaohao Wang , Jongryool Kim , Changhwan Youn , Myeong Joon Kang , Hyung Jin Lim , Bruce Jacob , Jian Huang

Enclaves, such as those enabled by Intel SGX, offer a hardware primitive for shielding user-level applications from the OS. While enclaves are a useful starting point, code running in the enclave requires additional checks whenever control…

Cryptography and Security · Computer Science 2021-03-30 Jinhua Cui , Shweta Shinde , Satyaki Sen , Prateek Saxena , Pinghai Yuan

This paper presents SgxPectre Attacks that exploit the recently disclosed CPU bugs to subvert the confidentiality and integrity of SGX enclaves. Particularly, we show that when branch prediction of the enclave code can be influenced by…

Cryptography and Security · Computer Science 2019-09-12 Guoxing Chen , Sanchuan Chen , Yuan Xiao , Yinqian Zhang , Zhiqiang Lin , Ten H. Lai

Security and privacy concerns in computer systems have grown in importance with the ubiquity of connected devices. TEEs provide security guarantees based on cryptographic constructs built in hardware. Intel software guard extensions (SGX),…

Cryptography and Security · Computer Science 2020-03-12 Rafael Pereira Pires

Intel SGX is known to be vulnerable to a class of practical attacks exploiting memory access pattern side-channels, notably page-fault attacks and cache timing attacks. A promising hardening scheme is to wrap applications in hardware…

Cryptography and Security · Computer Science 2022-12-29 Yuzhe Tang , Kai Li , Yibo Wang , Jiaqi Chen , Cheng Xu

Trusted Execution Environments (TEEs) are gaining popularity as an effective means to provide confidentiality in the cloud. TEEs, such as Intel SGX, suffer from so-called rollback and cloning attacks (often referred to as forking attacks).…

Cryptography and Security · Computer Science 2026-01-15 Annika Wilde , Samira Briongos , Claudio Soriente , Ghassan Karame

In-storage computing with modern solid-state drives (SSDs) enables developers to offload programs from the host to the SSD. It has been proven to be an effective approach to alleviate the I/O bottleneck. To facilitate in-storage computing,…

Hardware Architecture · Computer Science 2021-09-09 Luyi Kang , Yuqi Xue , Weiwei Jia , Xiaohao Wang , Jongryool Kim , Changhwan Youn , Myeong Joon Kang , Hyung Jin Lim , Bruce Jacob , Jian Huang

Intel SGX provisions shielded executions for security-sensitive computation, but lacks support for trusted system services (TSS), such as clock, network and filesystem. This makes \textit{enclaves} vulnerable to Iago…

Cryptography and Security · Computer Science 2021-03-01 Hongliang Liang , Mingyu Li , Qiong Zhang , Yue Yu , Lin Jiang , Yixiu Chen

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system…

Cryptography and Security · Computer Science 2024-07-19 Benshan Mei , Saisai Xia , Wenhao Wang , Dongdai Lin

New types of Trusted Execution Environment (TEE) architectures like TrustLite and Intel Software Guard Extensions (SGX) are emerging. They bring new features that can lead to innovative security and privacy solutions. But each new TEE…

Cryptography and Security · Computer Science 2015-07-01 Thomas Nyman , Brian McGillion , N. Asokan

In modern computing environments, hardware resources are commonly shared, and parallel computation is widely used. Parallel tasks can cause privacy and security problems if proper isolation is not enforced. Intel proposed SGX to create a…

Cryptography and Security · Computer Science 2017-08-22 Ahmad Moghimi , Gorka Irazoqui , Thomas Eisenbarth

Malware attacks are a significant part of the new software security threats detected each year. Intel Software Guard Extensions (SGX) are a set of hardware instructions introduced by Intel in their recent lines of processors that are…

Cryptography and Security · Computer Science 2020-09-24 Vlad Crăciun , Pascal Felber , Andrei Mogage , Emanuel Onica , Rafael Pires

New trusted computing primitives such as Intel SGX have shown the feasibility of running user-level applications in enclaves on a commodity trusted processor without trusting a large OS. However, the OS can still compromise the integrity of…

Cryptography and Security · Computer Science 2019-09-23 Shweta Shinde , Shengyi Wang , Pinghai Yuan , Aquinas Hobor , Abhik Roychoudhury , Prateek Saxena

The big data industry is facing new challenges as concerns about privacy leakage soar. One of the remedies to privacy breach incidents is to encapsulate computations over sensitive data within hardware-assisted Trusted Execution…

Software Engineering · Computer Science 2020-05-12 Pei Wang , Yu Ding , Mingshen Sun , Huibo Wang , Tongxin Li , Rundong Zhou , Zhaofeng Chen , Yiming Jing