English
Related papers

Related papers: Dynamic Binary Translation for SGX Enclaves

200 papers

Enclaves, such as those enabled by Intel SGX, offer a powerful hardware isolation primitive for application partitioning. To become universally usable on future commodity OSes, enclave designs should offer compatibility with existing…

Cryptography and Security · Computer Science 2020-09-03 Shweta Shinde , Jinhua Cui , Satyaki Sen , Pinghai Yuan , Prateek Saxena

Process-based confidential computing enclaves such as Intel SGX can be used to protect the confidentiality and integrity of workloads, without the overhead of virtualisation. However, they introduce a notable performance overhead,…

Cryptography and Security · Computer Science 2021-12-15 Jakob Svenningsson , Nicolae Paladi , Arash Vahidi

Hardware support for trusted execution in modern CPUs enables tenants to shield their data processing workloads in otherwise untrusted cloud environments. Runtime systems for the trusted execution must rely on an interface to the untrusted…

Operating Systems · Computer Science 2020-01-22 Christian Priebe , Divya Muthukumaran , Joshua Lind , Huanzhou Zhu , Shujie Cui , Vasily A. Sartakov , Peter Pietzuch

We explore the use of SGX enclaves as a means to improve the security of handling keys and data in storage systems. We study two main configurations for SGX computations, as they apply to performing data-at-rest encryption in a storage…

Cryptography and Security · Computer Science 2018-06-29 Danny Harnik , Eliad Tsfadia , Doron Chen , Ronen Kat

Trusted Execution Environments (TEEs), such as Intel's Software Guard Extensions (SGX), are increasingly being adopted to address trust and compliance issues in the public cloud. Intel SGX's second generation (SGXv2) addresses many…

Databases · Computer Science 2025-01-24 Adrian Lutsch , Muhammad El-Hindi , Matthias Heinrich , Daniel Ritter , Zsolt István , Carsten Binnig

Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves. For instance, Intel's threat model for SGX assumes fully trusted enclaves, yet there is an ongoing debate on whether this threat…

Cryptography and Security · Computer Science 2019-02-12 Michael Schwarz , Samuel Weiser , Daniel Gruss

Intel SGX is known to be vulnerable to a class of practical attacks exploiting memory access pattern side-channels, notably page-fault attacks and cache timing attacks. A promising hardening scheme is to wrap applications in hardware…

Cryptography and Security · Computer Science 2022-12-29 Yuzhe Tang , Kai Li , Yibo Wang , Jiaqi Chen , Cheng Xu

Enforcing integrity and confidentiality of users' application code and data is a challenging mission that any software developer working on an online production grade service is facing. Since cryptology is not a widely understood subject,…

Cryptography and Security · Computer Science 2018-04-04 Mohammad Hasanzadeh Mofrad , Adam Lee

The latest generation of Intel processors supports Software Guard Extensions (SGX), a set of instructions that implements a Trusted Execution Environment (TEE) right inside the CPU, by means of so-called enclaves. This paper presents…

Performance · Computer Science 2019-06-27 Sébastien Vaucher , Valerio Schiavoni , Pascal Felber

This paper presents SgxPectre Attacks that exploit the recently disclosed CPU bugs to subvert the confidentiality and integrity of SGX enclaves. Particularly, we show that when branch prediction of the enclave code can be influenced by…

Cryptography and Security · Computer Science 2019-09-12 Guoxing Chen , Sanchuan Chen , Yuan Xiao , Yinqian Zhang , Zhiqiang Lin , Ten H. Lai

Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this…

Cryptography and Security · Computer Science 2017-01-05 Samuel Weiser , Mario Werner

Intel's software guard extensions (SGX) provide hardware enclaves to guarantee confidentiality and integrity for sensitive code and data. However, systems leveraging such security mechanisms must often pay high performance overheads. A…

Cryptography and Security · Computer Science 2023-07-10 Peterson Yuhala , Michael Paper , Timothée Zerbib , Pascal Felber , Valerio Schiavoni , Alain Tchana

Intel(R) Software Guard Extensions (Intel(R) SGX) is a promising technology to securely process information in otherwise untrusted environments. An important aspect of Intel SGX is the ability to perform remote attestation to assess the…

Cryptography and Security · Computer Science 2019-07-29 Thomas Knauth , Michael Steiner , Somnath Chakrabarti , Li Lei , Cedric Xing , Mona Vij

Exceptions are a commodity hardware functionality which is central to multi-tasking OSes as well as event-driven user applications. Normally, the OS assists the user application by lifting the semantics of exceptions received from hardware…

Cryptography and Security · Computer Science 2021-10-14 Jinhua Cui , Jason Zhijingcheng Yu , Shweta Shinde , Prateek Saxena , Zhiping Cai

Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot…

Cryptography and Security · Computer Science 2020-07-17 Tobias Cloosters , Michael Rodler , Lucas Davi

Since its debut, SGX has been used in many applications, e.g., secure data processing. However, previous systems usually assume a trusted enclave and ignore the security issues caused by an untrusted enclave. For instance, a vulnerable (or…

Cryptography and Security · Computer Science 2020-10-26 Yuan Chen , Jiaqi Li , Guorui Xu , Yajin Zhou , Zhi Wang , Cong Wang , Kui Ren

Intel SGX Guard eXtensions (SGX), a hardware-supported trusted execution environment (TEE), is designed to protect security-sensitive applications. However, since enclave applications are developed with memory unsafe languages such as…

Cryptography and Security · Computer Science 2020-05-14 Huibo Wang , Mingshen Sun , Qian Feng , Pei Wang , Tongxin Li , Yu Ding

Integrity is critical for maintaining system security, as it ensures that only genuine software is loaded onto a machine. Although confidential virtual machines (CVMs) function within isolated environments separate from the host, it is…

Cryptography and Security · Computer Science 2024-10-25 Wenhao Wang , Linke Song , Benshan Mei , Shuang Liu , Shijun Zhao , Shoumeng Yan , XiaoFeng Wang , Dan Meng , Rui Hou

Intel(R) Software Guard eXtensions (SGX) is a hardware-based technology for ensuring security of sensitive data from disclosure or modification that enables user-level applications to allocate protected areas of memory called enclaves. Such…

Cryptography and Security · Computer Science 2017-11-01 Rodolfo Silva , Pedro Barbosa , Andrey Brito

Writing a platform for reactive applications which enforces operational constraints is difficult, and has been approached in various ways. In this experience report, we detail an approach using an embedded DSL which can be used to specify…

Software Engineering · Computer Science 2015-04-09 Paul van der Walt
‹ Prev 1 2 3 10 Next ›