Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security 2017
DOI: 10.1145/3133956.3134038
|View full text |Cite
|
Sign up to set email alerts
|

Leaky Cauldron on the Dark Land

Abstract: Side-channel risks of Intel SGX have recently attracted great attention. Under the spotlight is the newly discovered page-fault attack, in which an OS-level adversary induces page faults to observe the page-level access patterns of a protected process running in an SGX enclave. With almost all proposed defense focusing on this attack, little is known about whether such efforts indeed raise the bar for the adversary, whether a simple variation of the attack renders all protection ineffective, not to mention an … Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
24
0

Year Published

2018
2018
2021
2021

Publication Types

Select...
5
2
1

Relationship

0
8

Authors

Journals

citations
Cited by 209 publications
(24 citation statements)
references
References 27 publications
0
24
0
Order By: Relevance
“…Despite the security mechanisms employed by the Intel SGX technology, it does not cover side-channel attacks. Wang et al [60] presented four sidechannel attack vectors that SGX offers no protection: power statistics, cache miss statistics, branch timing, and page accesses via page tables. Data access patterns and physical attacks against the CPU, such as fault injection or reprogramming of machine code functionalities, are also not covered by the SGX threat model [9,13].…”
Section: Intel Sgx Security Assessmentmentioning
confidence: 99%
“…Despite the security mechanisms employed by the Intel SGX technology, it does not cover side-channel attacks. Wang et al [60] presented four sidechannel attack vectors that SGX offers no protection: power statistics, cache miss statistics, branch timing, and page accesses via page tables. Data access patterns and physical attacks against the CPU, such as fault injection or reprogramming of machine code functionalities, are also not covered by the SGX threat model [9,13].…”
Section: Intel Sgx Security Assessmentmentioning
confidence: 99%
“…We do not consider side-channel attacks in this paper. Side-channel attacks have been shown to be a real threat, especially to Intel SGX [22,25,58]. This field is moving fast: new attacks have been kept being proposed, so have new defenses [45,51].…”
Section: Threat Model and Security Goalsmentioning
confidence: 99%
“…Moghimi, Irazoqui, and Eisenbarth [MIE17] introduced the CacheZoom attack, showing how the libgcrypt AES implementation leaks when running inside an Intel SGX enclave. On the other hand, Van Bulck et al [VB+17] and Wang et al [Wan+17] tested the side-channel resistance of the libgcrypt EdDSA implementation hardened with Intel SGX.…”
Section: Side-channel Attack On Libgcrypt Beeamentioning
confidence: 99%
“…For instance, the controlled-channels attack proposed by Xu, Cui, and Peinado [XCP15] provides access to the sequence of memory pages executed by the victim enclave, providing a leakage source of 4 KB granularity that can be used to track the enclave execution [Wan+17,Shi+16,VB+17,WSB18]. This attack relies on Intel SGX which leaves control of its memory pages to the untrusted OS.…”
Section: Side-channel Attack On Libgcrypt Beeamentioning
confidence: 99%