Plundervolt: Software-based Fault Injection Attacks against Intel SGX

Murdock, Kit; Oswald, David; Garcia, Flavio D.; Bulck, Jo Van; Gruss, Daniel; Piessens, Frank

doi:10.1109/sp40000.2020.00057

Cited by 229 publications

(127 citation statements)

References 47 publications

(58 reference statements)

Supporting

Mentioning

126

Contrasting

Order By: Relevance

“…There are other side-channels such as speculative execution [12], [17], [50], communication patterns [55], power analysis [54] and others [34], [41]. We note that these attacks can be mitigated by some complementary works [8], [16], [20], [56].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

OblivSketch: Oblivious Network Measurement as a Cloud Service

Lai

Yuan

Liu

et al. 2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Network function virtualisation enables versatile network functions as cloud services with reduced cost. Specifically, network measurement tasks such as heavy-hitter detection and flow distribution estimation serve many core network functions for improved performance and security of enterprise networks. However, deploying network measurement services in third-party multi-tenant cloud service providers raises critical privacy and security concerns. Recent studies demonstrate that leaking and abusing flow statistics can lead to severe network attacks such as DDoS, network topology manipulation and poisoning, etc. In this paper, we propose OblivSketch, an oblivious network measurement service using Intel SGX. It employs hardware enclave for secure network statistics generation and queries. The statistics are maintained in newly designed oblivious data structures inside the SGX enclave and queried by data-oblivious algorithms to prevent data leakage caused by access patterns to the memory of SGX. To demonstrate the practicality, we implement OblivSketch as a full-fledge service integrated with the off-the-shelf SDN framework. The evaluations demonstrate that OblivSketch consumes a constant and small memory space (6MB) to track a massive amount of flows (from 30k to 1.45m), and it takes no more than 15ms to respond six widely adopted measurement queries for a 5s-trace with 70k flows.

show abstract

Section: Related Workmentioning

confidence: 99%

“…There exist some other side-channel attacks against TEEs. Particularly, those attacks are based on speculative execution [12], [17], [50], communication patterns [55], denialof-service [34], power analysis [54] and vulnerabilities in implementations [41]. Those attacks are out of the scope of OblivSketch.…”

Section: B Threat Modelmentioning

confidence: 99%

OblivSketch: Oblivious Network Measurement as a Cloud Service

Lai

Yuan

Liu

et al. 2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…However, security researchers have shown that many of these isolation mechanisms can be attacked by means of software-exploitable side-channels. Such side-channels have been shown to violate integrity of victim programs [3], [4], [5], as well as their confidentiality on both high-end processors [6], [7], [8], [9] and on small microprocessors [10]. In fact, over the past two years, many major isolation mechanisms have been successfully attacked: Meltdown [7] has broken user/kernel isolation, Spectre [8] has broken process isolation and software defined isolation, and Foreshadow [9] has broken enclaved execution on Intel processors.…”

Section: Introductionmentioning

confidence: 99%

Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors

Busi

Noorman

Bulck

et al. 2020

2020 IEEE 33rd Computer Security Foundations Symposium (CSF)

Self Cite

View full text Add to dashboard Cite

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that break, or at least significantly weaken the isolation that these mechanisms offer. Extending a processor with new architectural or micro-architectural features, brings a risk of introducing new such side-channel attacks. This paper studies the problem of extending a processor with new features without weakening the security of the isolation mechanisms that the processor offers. We propose to use full abstraction as a formal criterion for the security of a processor extension, and we instantiate that criterion to the concrete case of extending a microprocessor that supports enclaved execution with secure interruptibility of these enclaves. This is a very relevant instantiation as several recent papers have shown that interruptibility of enclaves leads to a variety of software-based side-channel attacks. We propose a design for interruptible enclaves, and prove that it satisfies our security criterion. We also implement the design on an open-source enclave-enabled microprocessor, and evaluate the cost of our design in terms of performance and hardware size. This is the extended version of the paper [1] that includes both the original paper as well as the technical appendix with the proofs.

show abstract

“…This technique essentially targets security critical embedded systems, using physical disturbances (e.g., laser rays, or electro-magnetic fields) to inject faults. However, it may now also concern much larger software classes when considering recent hardware weaknesses like the so-called Rowhammer attack [1], [2], or by exploiting some weaknesses in the power management modules [3], [4], [5], [6].…”

Section: Introductionmentioning

confidence: 99%

Countermeasures Optimization in Multiple Fault-Injection Context

Boespflug

Ene

Mounier

et al. 2020

2020 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)

View full text Add to dashboard Cite

Fault attacks consist in changing the program behavior by injecting faults at run-time, either at hardware or at software level. Their goal is to change the correct progress of the algorithm and hence, either to allow gaining some privilege access or to allow retrieving some secret information based on an analysis of the deviation of the corrupted behavior with respect to the original one. Countermeasures have been proposed to protect embedded systems by adding spatial, temporal or information redundancy at hardware or software level. First we define Countermeasures Check Point (CCP) and CCPs-based countermeasures as an important subclass of countermeasures. Then we propose a methodology to generate an optimal protection scheme for CCPs-based countermeasure. Finally we evaluate our work on a benchmark of code examples with respect to several Control Flow Integrity (CFI) oriented existing protection schemes.

show abstract

Plundervolt: Software-based Fault Injection Attacks against Intel SGX

Cited by 229 publications

References 47 publications

OblivSketch: Oblivious Network Measurement as a Cloud Service

OblivSketch: Oblivious Network Measurement as a Cloud Service

Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors

Countermeasures Optimization in Multiple Fault-Injection Context

Contact Info

Product

Resources

About