English
Related papers

Related papers: SGX-LKL: Securing the Host OS Interface for Truste…

200 papers

Intel SGX Guard eXtensions (SGX), a hardware-supported trusted execution environment (TEE), is designed to protect security-sensitive applications. However, since enclave applications are developed with memory unsafe languages such as…

Cryptography and Security · Computer Science 2020-05-14 Huibo Wang , Mingshen Sun , Qian Feng , Pei Wang , Tongxin Li , Yu Ding

Searchable encryption (SE) is one of the key enablers for building encrypted databases. It allows a cloud server to search over encrypted data without decryption. Dynamic SE additionally includes data addition and deletion operations to…

Cryptography and Security · Computer Science 2020-04-13 Viet Vo , Shangqi Lai , Xingliang Yuan , Shi-Feng Sun , Surya Nepal , Joseph K. Liu

Data exfiltration attacks have led to huge data breaches. Recently, the Equifax attack affected 147M users and a third-party library - Apache Struts - was alleged to be responsible for it. These attacks often exploit the fact that sensitive…

Cryptography and Security · Computer Science 2019-07-09 Qi Zhang , Zehra Sura , Ashish Kundu , Gong Su , Arun Iyengar , Ling Liu

Encrypting data before sending it to the cloud protects it against hackers and malicious insiders, but requires the cloud to compute on encrypted data. Trusted (hardware) modules, e.g., secure enclaves like Intel's SGX, can very efficiently…

Cryptography and Security · Computer Science 2017-10-03 Andreas Fischer , Benny Fuhry , Florian Kerschbaum , Eric Bodden

Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX enable CVMs and…

Cryptography and Security · Computer Science 2024-04-05 Benedict Schlüter , Supraja Sridhara , Mark Kuhne , Andrin Bertschi , Shweta Shinde

Browsers, Library OSes, and system emulators rely on sandboxes and in-process isolation to emulate system resources and securely isolate untrusted components. All access to system resources like system calls (syscall) need to be securely…

Cryptography and Security · Computer Science 2024-06-12 Fangfei Yang , Anjo Vahldiek-Oberwagner , Chia-Che Tsai , Kelly Kaoudis , Nathan Dautenhahn

Trusted Execution Environments (TEEs), such as Intel SGX and ARM TrustZone, provide isolated regions of CPU and memory for secure computation and are increasingly used to protect sensitive data and code across diverse application domains.…

Software Engineering · Computer Science 2026-01-21 Yuqing Niu , Jieke Shi , Ruidong Han , Ye Liu , Chengyan Ma , Yunbo Lyu , David Lo

Content-based routing (CBR) is a powerful model that supports scalable asynchronous communication among large sets of geographically distributed nodes. Yet, preserving privacy represents a major limitation for the wide adoption of CBR,…

Distributed, Parallel, and Cluster Computing · Computer Science 2017-01-18 Rafael Pires , Marcelo Pasin , Pascal Felber , Christof Fetzer

We present S3ML, a secure serving system for machine learning inference in this paper. S3ML runs machine learning models in Intel SGX enclaves to protect users' privacy. S3ML designs a secure key management service to construct flexible…

Machine Learning · Computer Science 2020-10-14 Junming Ma , Chaofan Yu , Aihui Zhou , Bingzhe Wu , Xibin Wu , Xingyu Chen , Xiangqun Chen , Lei Wang , Donggang Cao

The Intel Software Guard Extensions (SGX) technology enables applications to run in an isolated SGX enclave environment, with elevated confidentiality and integrity guarantees. Gramine Library OS facilitates execution of existing unmodified…

Cryptography and Security · Computer Science 2022-03-04 Dmitrii Kuvaiskii , Gaurav Kumar , Mona Vij

Intel SGX enables memory isolation and static integrity verification of code and data stored in user-space memory regions called enclaves. SGX effectively shields the execution of enclaves from the underlying untrusted OS. Attackers cannot…

Cryptography and Security · Computer Science 2022-06-16 Flavio Toffalini , Mathias Payer , Jianying Zhou , Lorenzo Cavallaro

Network Function Virtualization (NFV) promises the benefits of reduced infrastructure, personnel, and management costs by outsourcing network middleboxes to the public or private cloud. Unfortunately, running network functions in the cloud…

Networking and Internet Architecture · Computer Science 2018-02-05 Dmitrii Kuvaiskii , Somnath Chakrabarti , Mona Vij

Novel confidential computing technologies such as Intel TDX, AMD SEV, and Arm CCA have recently emerged. In practice, due to its minimal trust boundaries, Intel SGX still remains widely used for enclave-based applications in cloud…

Cryptography and Security · Computer Science 2026-05-11 Matti Schulze , Thorsten Holz , Felix Freiling

Trusted execution environments like Intel SGX provide \emph{enclaves}, which offer strong security guarantees for applications. Running entire applications inside enclaves is possible, but this approach leads to a large trusted computing…

Cryptography and Security · Computer Science 2023-12-21 Peterson Yuhala , Pascal Felber , Hugo Guiroux , Jean-Pierre Lozi , Alain Tchana , Valerio Schiavoni , Gaël Thomas

Cloud providers are extending support for trusted hardware primitives such as Intel SGX. Simultaneously, the field of deep learning is seeing enormous innovation as well as an increase in adoption. In this paper, we ask a timely question:…

Cryptography and Security · Computer Science 2019-09-06 Karan Grover , Shruti Tople , Shweta Shinde , Ranjita Bhagwan , Ramachandran Ramjee

Attestation is a fundamental building block to establish trust over software systems. When used in conjunction with trusted execution environments, it guarantees that genuine code is executed even when facing strong attackers, paving the…

Cryptography and Security · Computer Science 2022-04-19 Jämes Ménétrey , Christian Göttel , Marcelo Pasin , Pascal Felber , Valerio Schiavoni

Side-channel risks of Intel's SGX have recently attracted great attention. Under the spotlight is the newly discovered page-fault attack, in which an OS-level adversary induces page faults to observe the page-level access patterns of a…

Cryptography and Security · Computer Science 2026-03-03 Wenhao Wang , Guoxing Chen , Xiaorui Pan , Yinqian Zhang , XiaoFeng Wang , Vincent Bindschaedler , Haixu Tang , Carl A. Gunter

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that…

Cryptography and Security · Computer Science 2020-01-30 Matteo Busi , Job Noorman , Jo Van Bulck , Letterio Galletta , Pierpaolo Degano , Jan Tobias Mühlberg , Frank Piessens

Applications running in Trusted Execution Environments (TEEs) commonly use untrusted external services such as host File System. Adversaries may maliciously alter the normal service behavior to trigger subtle application bugs that would…

Cryptography and Security · Computer Science 2022-11-15 Meni Orenbach , Bar Raveh , Alon Berkenstadt , Yan Michalevsky , Shachar Itzhaky , Mark Silberstein

We present IPU Trusted Extensions (ITX), a set of experimental hardware extensions that enable trusted execution environments in Graphcore's AI accelerators. ITX enables the execution of AI workloads with strong confidentiality and…

‹ Prev 1 3 4 5 6 7 10 Next ›