Security Issues

Although Intel SGX claims to deliver the security promises covered in previous sections, it is still vulnerable to certain types of attacks. Recent academic research has uncovered several such vulnerabilities and shown that Intel SGX is not as secure as we thought.

In this section, Prof. Taesoo Kim explains known security concerns, including cache/branch side-channel attacks and memory safety issues, and the corresponding defenses, with various working demos.


SGX Security Issues (Taesoo Kim)

Slides are available here.


Demos

1. Branch Shadowing

This video shows how the branch shadowing attack can extract RSA private key bits.

2. Dark ROP

This video shows how the Dark ROP attack detects memcpy() and copies the entire memory contents of an enclave to the outside.

3. SGX page-table-based attack

This video presents the page-table-based attack, which is also known as the controlled-channel attack. By manipulating the page table and hooking the page fault handler, the attacker is able to observe precise page access patterns.

4. SGX-Shield

This video demonstrates the effectiveness of fine-grained ASLR support of SGX-Shield.

5. T-SGX

This video shows how T-SGX protects an SGX enclave from page-table-based attacks.

6. SGX-Bomb

This video shows how the SGX-Bomb attack locks down a victim machine.

7. SGX-Bleed

This video shows how the SGX-Bleed problem leaks uninitialized SGX memory via structure padding.
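
The structure-padding problem described for SGX-Bleed can be reproduced in plain C, together with its fix. The following is an added example, not code from the video or from the SGX SDK; `struct reply`, `union slot`, `build_reply()` and the `0xA5` marker are hypothetical names and constructed values that stand in for an enclave reply and for stale enclave memory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5  /* constructed marker standing in for leftover enclave data */

/* Hypothetical reply that an enclave hands to the untrusted host. */
struct reply {
    uint8_t  status;   /* the compiler typically pads after this member */
    uint64_t counter;
    uint16_t len;      /* ... and adds tail padding after this one */
};
/* Byte view of the same storage, used to model reused enclave memory. */
union slot { struct reply r; unsigned char raw[sizeof(struct reply)]; };

/* Returns 1 if byte offset i belongs to no member, i.e. it is padding. */
static int is_padding(size_t i) {
    size_t s = offsetof(struct reply, status), c = offsetof(struct reply, counter),
           l = offsetof(struct reply, len);
    return !((i >= s && i < s + sizeof(uint8_t)) || (i >= c && i < c + sizeof(uint64_t)) ||
             (i >= l && i < l + sizeof(uint16_t)));
}

/* Counts padding bytes in the copied-out buffer that still hold stale data. */
size_t leaked_bytes(const unsigned char *out) {
    size_t n = 0;
    for (size_t i = 0; i < sizeof(struct reply); i++)
        if (is_padding(i) && out[i] == STALE) n++;
    return n;
}

/* Builds the reply in memory that was used before, then copies the whole
 * struct to `out`. harden=0 only assigns members; harden=1 zeroes first. */
void build_reply(unsigned char *out, int harden) {
    union slot s;
    memset(s.raw, STALE, sizeof s.raw);   /* earlier contents of this memory */
    if (harden) memset(&s, 0, sizeof s);  /* the fix: clears padding as well */
    s.r.status = 1; s.r.counter = 42; s.r.len = 7;
    memcpy(out, s.raw, sizeof s.raw);     /* whole struct crosses the boundary */
}

int main(void) {
    unsigned char out[sizeof(struct reply)];
    build_reply(out, 0);
    printf("member assignment only: %zu stale padding bytes\n", leaked_bytes(out));
    build_reply(out, 1);
    printf("memset before filling:  %zu stale padding bytes\n", leaked_bytes(out));
    return 0;
}
```

The exact number of padding bytes depends on the ABI's alignment rules.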