2020
DOI: 10.48550/arxiv.2006.13598
|View full text |Cite
Preprint
|
Sign up to set email alerts
|

A Survey of Published Attacks on Intel SGX

Alexander Nilsson,
Pegah Nikbakht Bideh,
Joakim Brorsson

Abstract: Intel Software Guard Extensions (SGX) provides a trusted execution environment (TEE) to run code and operate sensitive data. SGX provides runtime hardware protection where both code and data are protected even if other code components are malicious. However, recently many attacks targeting SGX have been identified and introduced that can thwart the hardware defence provided by SGX. In this paper we present a survey of all attacks specifically targeting Intel SGX that are known to the authors, to date. We categ… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
6
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
3
2
1

Relationship

0
6

Authors

Journals

citations
Cited by 6 publications
(6 citation statements)
references
References 39 publications
0
6
0
Order By: Relevance
“…• Defense mechanisms for SGX Alexander et al [28] summarized the available defense mechanisms for attacks on SGX at four levels: microcode patching, system design, compiler and SDK, and application layer design. CPU vendors can fix many security vulnerabilities through microcode patching.…”
Section: Defense Mechanisms For Teesmentioning
confidence: 99%
“…• Defense mechanisms for SGX Alexander et al [28] summarized the available defense mechanisms for attacks on SGX at four levels: microcode patching, system design, compiler and SDK, and application layer design. CPU vendors can fix many security vulnerabilities through microcode patching.…”
Section: Defense Mechanisms For Teesmentioning
confidence: 99%
“…In our current prototype implementation, we use Intel SGX enclaves as a TEE implementation target. SGX is vulnerable to a wide category of attacks reviewed in [24]. Chuchotage can be vulnerable to any attacks applicable to SGX.…”
Section: Security Evaluationmentioning
confidence: 99%
“…A TEE leverages a root of trust from the hardware to shield the execution of sensitive computation and its data from the rest of the node, including higher privileged software layers. While TEEs have been proposed to make ML computation trustworthy [42,65,79,80], past TEE implementations have been shown to exhibit exploitable security vulnerabilities [12,78,84,111].…”
Section: Establishing Trustworthinessmentioning
confidence: 99%
“…Slalom [109] and Privado [42] use trusted execution environment (TEEs) [22] to produce trustworthy inference. They rely on the security of TEEs, which have suffered from successful attacks [12,78,84,111]. These solutions are restricted to CPU-based inference, which increases latencies by several orders of magnitude compared to GPUs.…”
Section: Related Workmentioning
confidence: 99%