Software Grand Exposure: SGX Cache Attacks Are Practical

Ferdinand Brasser (1); Urs M\"uller (2); Alexandra Dmitrienko (2),; Kari Kostiainen (2); Srdjan Capkun (2); Ahmad-Reza Sadeghi (1) ((1) System; Security Lab; Technische Universit\"at Darmstadt; Germany; (2) Institute of; Information Security; ETH Zurich; Switzerland)

arXiv:1702.07521·cs.CR·February 27, 2017·242 cites

Software Grand Exposure: SGX Cache Attacks Are Practical

Ferdinand Brasser (1), Urs M\"uller (2), Alexandra Dmitrienko (2),, Kari Kostiainen (2), Srdjan Capkun (2), Ahmad-Reza Sadeghi (1) ((1) System, Security Lab, Technische Universit\"at Darmstadt, Germany, (2) Institute of, Information Security, ETH Zurich, Switzerland)

PDF

Open Access

TL;DR

This paper demonstrates that cache-based side-channel attacks on SGX enclaves are practical and can extract sensitive information like RSA keys and genome data, highlighting a significant security threat.

Contribution

The authors develop novel cache attack techniques that operate without interrupting enclave execution, proving the practicality and severity of cache side channels on SGX.

Findings

01

Successfully extracted RSA-2048 keys during decryption

02

Detected specific human genome sequences in genomic indexing

03

Attacks outperform previous cache side-channel methods

Abstract

Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring, as well. However, prior to our work, the practicality and the extent of such information leakage was not studied. In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and therefore we mount our attack without interrupting enclave execution. This approach has major technical challenges, since the existing…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsSecurity and Verification in Computing · Advanced Malware Detection Techniques · Cryptographic Implementations and Security