Open AccessPosted Content
Intel SGX Explained.
Victor Costan,Srinivas Devadas +1 more
TLDR
In this article, the authors present a detailed and structured presentation of the publicly available information on SGX, a series of intelligent guesses about some important but undocumented aspects of SGX.Abstract:
Intel’s Software Guard Extensions (SGX) is a set of extensions to the Intel architecture that aims to provide integrity and confidentiality guarantees to securitysensitive computation performed on a computer where all the privileged software (kernel, hypervisor, etc) is potentially malicious. This paper analyzes Intel SGX, based on the 3 papers [14, 78, 137] that introduced it, on the Intel Software Developer’s Manual [100] (which supersedes the SGX manuals [94, 98]), on an ISCA 2015 tutorial [102], and on two patents [108, 136]. We use the papers, reference manuals, and tutorial as primary data sources, and only draw on the patents to fill in missing information. This paper’s contributions are a summary of the Intel-specific architectural and micro-architectural details needed to understand SGX, a detailed and structured presentation of the publicly available information on SGX, a series of intelligent guesses about some important but undocumented aspects of SGX, and an analysis of SGX’s security properties.read more
Citations
More filters
Posted Content
Advances and Open Problems in Federated Learning
Peter Kairouz,H. Brendan McMahan,Brendan Avent,Aurélien Bellet,Mehdi Bennis,Arjun Nitin Bhagoji,Kallista Bonawitz,Zachary Charles,Graham Cormode,Rachel Cummings,Rafael G. L. D'Oliveira,Hubert Eichner,Salim El Rouayheb,David Evans,Josh Gardner,Zachary Garrett,Adrià Gascón,Badih Ghazi,Phillip B. Gibbons,Marco Gruteser,Zaid Harchaoui,Chaoyang He,Lie He,Zhouyuan Huo,Ben Hutchinson,Justin Hsu,Martin Jaggi,Tara Javidi,Gauri Joshi,Mikhail Khodak,Jakub Konečný,Aleksandra Korolova,Farinaz Koushanfar,Sanmi Koyejo,Tancrède Lepoint,Yang Liu,Prateek Mittal,Mehryar Mohri,Richard Nock,Ayfer Ozgur,Rasmus Pagh,Mariana Raykova,Hang Qi,Daniel Ramage,Ramesh Raskar,Dawn Song,Weikang Song,Sebastian U. Stich,Ziteng Sun,Ananda Theertha Suresh,Florian Tramèr,Praneeth Vepakomma,Jianyu Wang,Li Xiong,Zheng Xu,Qiang Yang,Felix X. Yu,Han Yu,Sen Zhao +58 more
TL;DR: Motivated by the explosive growth in FL research, this paper discusses recent advances and presents an extensive collection of open problems and challenges.
Proceedings Article
Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution
Jo Van Bulck,Marina Minkin,Ofir Weisse,Daniel Genkin,Baris Kasikci,Frank Piessens,Mark Silberstein,Thomas F. Wenisch,Yuval Yarom,Raoul Strackx +9 more
TL;DR: This work presents Foreshadow, a practical software-only microarchitectural attack that decisively dismantles the security objectives of current SGX implementations and develops a novel exploitation methodology to reliably leak plaintext enclave secrets from the CPU cache.
Proceedings ArticleDOI
SCONE: secure Linux containers with Intel SGX
Sergei Arnautov,Bohdan Trach,Franz Gregor,Thomas Knauth,Andre Martin,Christian Priebe,Joshua Lind,Divya Muthukumaran,Dan O'Keeffe,Mark Stillwell,David Goltzsche,David Eyers,Rüdiger Kapitza,Peter Pietzuch,Christof Fetzer +14 more
TL;DR: SCONE is a secure container mechanism for Docker that uses the SGX trusted execution support of Intel CPUs to protect container processes from outside attacks and offers a secure C standard library interface that transparently encrypts/decrypts I/O data.
Journal ArticleDOI
Applications of Blockchains in the Internet of Things: A Comprehensive Survey
Muhammad Salek Ali,Massimo Vecchio,Miguel Pincheira,Koustabh Dolui,Fabio Antonelli,Mubashir Husain Rehmani +5 more
TL;DR: This survey aims to shape a coherent and comprehensive picture of the current state-of-the-art efforts in this direction by starting with fundamental working principles of blockchains and how blockchain-based systems achieve the characteristics of decentralization, security, and auditability.
Proceedings ArticleDOI
Town Crier: An Authenticated Data Feed for Smart Contracts
TL;DR: TownCrier as discussed by the authors is an authenticated data feed system that acts as a bridge between smart contracts and existing web sites, which are already commonly trusted for non-blockchain applications, and combines a blockchain front end with a trusted hardware back end to scrape HTTPS-enabled websites and serve source-authenticated data to relying smart contracts.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Journal ArticleDOI
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Book
Computer Architecture: A Quantitative Approach
TL;DR: This best-selling title, considered for over a decade to be essential reading for every serious student and practitioner of computer design, has been updated throughout to address the most important trends facing computer designers today.
Book ChapterDOI
Differential Power Analysis
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. And they also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Journal ArticleDOI
Elliptic curve cryptosystems
TL;DR: The question of primitive points on an elliptic curve modulo p is discussed, and a theorem on nonsmoothness of the order of the cyclic subgroup generated by a global point is given.