Open Access Proceedings Article

Inferring fine-grained control flow inside SGX enclaves with branch shadowing

TLDR
This paper presents a new, yet critical, side-channel attack, branch shadowing, that reveals fine-grained control flows (branch granularity) in an enclave, and develops two novel exploitation techniques: a last branch record (LBR)-based history-inferring technique and an advanced programmable interrupt controller (APIC)-based technique to control the execution of an enclave in a fine-grained manner.
Abstract
Intel has introduced a hardware-based trusted execution environment, Intel Software Guard Extensions (SGX), that provides a secure, isolated execution environment, or enclave, for a user program without trusting any underlying software (e.g., an operating system) or firmware. Researchers have demonstrated that SGX is vulnerable to a page-fault-based attack. However, that attack only reveals page-level memory accesses within an enclave. In this paper, we explore a new, yet critical, side-channel attack, branch shadowing, that reveals fine-grained control flows (branch granularity) in an enclave. The root cause of this attack is that SGX does not clear branch history when switching from enclave to non-enclave mode, leaving fine-grained traces for the outside world to observe, which gives rise to a branch-prediction side channel. However, exploiting this channel in practice is challenging because 1) measuring branch execution time is too noisy to distinguish fine-grained control-flow changes and 2) pausing an enclave right after it has executed the code block we target requires sophisticated control. To overcome these challenges, we develop two novel exploitation techniques: 1) a last branch record (LBR)-based history-inferring technique and 2) an advanced programmable interrupt controller (APIC)-based technique to control the execution of an enclave in a fine-grained manner. An evaluation against RSA shows that our attack infers each private key bit with 99.8% accuracy. Finally, we thoroughly study the feasibility of hardware-based solutions (i.e., branch history flushing) and propose a software-based approach that mitigates the attack.


Citations
Proceedings Article (DOI)

Spectre Attacks: Exploiting Speculative Execution

TL;DR: Spectre is a side-channel attack that leaks a victim's confidential information to the adversary and can read arbitrary memory from a victim's process.
Proceedings Article

Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution

TL;DR: This work presents Foreshadow, a practical software-only microarchitectural attack that decisively dismantles the security objectives of current SGX implementations and develops a novel exploitation methodology to reliably leak plaintext enclave secrets from the CPU cache.
Proceedings Article

Sanctum: Minimal Hardware Extensions for Strong Software Isolation

TL;DR: Sanctum offers the same promise as Intel’s Software Guard Extensions (SGX), namely strong provable isolation of software modules running concurrently and sharing resources, but protects against an important class of additional software attacks that infer private information from a program's memory access patterns.

Software grand exposure: SGX cache attacks are practical

TL;DR: In this article, the authors demonstrate the effectiveness of cache timing attacks against RSA and other cryptographic operations, such as genomic processing, and analyze countermeasures and show that none of the known defenses eliminates the attack.
Proceedings Article (DOI)

Prochlo: Strong Privacy for Analytics in the Crowd

TL;DR: Encode, Shuffle, Analyze (ESA) is a principled system architecture for performing large-scale monitoring of computer users' software activities with high utility while also protecting user privacy.
References
Book Chapter (DOI)

Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

TL;DR: By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.
Proceedings Article (DOI)

Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds

TL;DR: It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.
Proceedings Article (DOI)

Last-Level Cache Side-Channel Attacks are Practical

TL;DR: This work presents an effective implementation of the Prime+Probe side-channel attack on the last-level cache, used against GnuPG, and achieves a high attack resolution without relying on weaknesses in the OS or virtual machine monitor or on sharing memory between attacker and victim.
Journal Article (DOI)

Remote timing attacks are practical

TL;DR: In this paper, the authors present a timing attack against OpenSSL, demonstrate that timing attacks against network servers are practical and that security systems should therefore defend against them, and show that the attack applies to general software systems.