Top

Hint

Swipe to navigate through the chapters of this book

Published in:

Read chapter Read first chapter

2021 | OriginalPaper | Chapter

E-SGX: Effective Cache Side-Channel Protection for Intel SGX on Untrusted OS

Authors : Fan Lang, Huorong Li, Wei Wang, Jingqiang Lin, Fengwei Zhang, Wuqiong Pan, Qiongxiao Wang

Published in: Information Security and Cryptology

Publisher: Springer International Publishing

Abstract

Cache side-channels are among the major weaknesses of Intel SGX. We mitigate this weakness with E-SGX, an effective defensive approach against all known access-driven/trace-driven cache side-channel attacks from privileged code. The core idea of E-SGX is to monopolize the whole CPU during security-critical executions, breaking the concurrent execution condition of access-driven/trace-driven cache side-channel attacks. To achieve this, E-SGX employs several SGX threads within the same enclave: one application thread and a few dummy threads together hold all CPU cores. A key challenge is to ensure all those enclave threads are scheduled exclusively to occupy all CPU cores with an untrusted OS scheduler. E-SGX addresses this challenge by providing effective mechanisms to detect violations of exclusive scheduling: challenge-response check of dummy threads aliveness and detection of asynchronous enclave exits, both performed with a carefully selected period. Comparing to existing approaches, E-SGX is capable of defending against access-driven/trace-driven cache side-channel attacks not only from the sibling logical core but from across all physical cores.

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

previous chapter Blockchain-Based Efficient Public Integrity Auditing for Cloud Storage Against Malicious Auditors

next chapter Public Verifiable Private Decision Tree Prediction

Available only for authorised users

cpufreqd. http://manpages.ubuntu.com/manpages/precise/man8/cpufreqd.8.html

CrossTalk. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543

mbed TLS. https://tls.mbed.org

Nginx. http://nginx.org

SGX SDK. https://software.intel.com/en-us/sgx-sdk

Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, vol. 13 (2013)

Brasser, F., et al.: DR.SGX: hardening SGX enclaves against cache attacks with data location randomization. CoRR abs/1709.09917 (2017), http://arxiv.org/abs/1709.09917

Brasser, F., Müller, U., Dmitrienko, A., Kostiainen, K., Capkun, S., Sadeghi, A.R.: Software grand exposure: SGX cache attacks are practical. arXiv preprint arXiv:1702.07521, p. 33 (2017)

Bulck, J.V., et al.: Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution. In: 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, August 15–17, 2018, pp. 991–1008 (2018). https://www.usenix.org/conference/usenixsecurity18/presentation/bulck

10.

Canella, C., et al.: Fallout: leaking data on meltdown-resistant cpus. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, November 11–15, 2019. pp. 769–784. ACM (2019). https://doi.org/10.1145/3319535.3363219

11.

Chen, G., et al.: Racing in hyperspace: closing hyper-threading side channels on SGX with contrived data races. In: 2018 IEEE Symposium on Security and Privacy (SP). IEEE Computer Society, Los Alamitos, CA, USA (2018). https://doi.org/10.1109/SP.2018.00024

12.

Chen, G., Chen, S., Xiao, Y., Zhang, Y., Lin, Z., Lai, T.H.: SGXPECTRE Attacks: Leaking Enclave Secrets via Speculative Execution. arXiv preprint arXiv:1802.09085 (2018)

13.

Chen, S., Zhang, X., Reiter, M.K., Zhang, Y.: Detecting privileged side-channel attacks in shielded execution with Déjá Vu. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 7–18. ACM (2017)

14.

Costan, V., Devadas, S.: Intel SGX Explained. IACR Cryptology ePrint Archive 2016, 86 (2016)

15.

Crane, S., Homescu, A., Brunthaler, S., Larsen, P., Franz, M.: Thwarting cache side-channel attacks through dynamic software diversity. In: NDSS, pp. 8–11 (2015)

16.

Disselkoen, C., Kohlbrenner, D., Porter, L., Tullsen, D.M.: Prime+abort: A timer-free high-precision L3 cache attack using intel TSX. In: 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16–18, 2017. pp. 51–67 (2017). https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/disselkoen

17.

Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious rams. J. ACM 43(3), 431–473 (1996). https://doi.org/10.1145/233551.233553

18.

Gruss, D., Lettner, J., Schuster, F., Ohrimenko, O., Haller, I., Costa, M.: Strong and efficient cache side-channel protection using hardware transactional memory. In: USENIX Security Symposium (2017)

19.

Gruss, D., Maurice, C., Wagner, K., Mangard, S.: Flush+flush: a fast and stealthy cache attack. In: Detection of Intrusions and Malware, and Vulnerability Assessment - 13th International Conference, DIMVA 2016, San Sebastián, Spain, July 7–8, 2016, Proceedings, pp. 279–299 (2016). https://doi.org/10.1007/978-3-319-40667-1_14

20.

Götzfried, J., Eckert, M., Schinzel, S., Müller, T.: Cache attacks on intel SGX (2017)

21.

Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., Del Cuvillo, J.: Using innovative instructions to create trustworthy software solutions, p. 11 (2013)

22.

Intel: Intel Software Guard Extensions Programming Reference, October 2014, reference no. 329298–002US

23.

Koc, C.K., Acar, T.: Montgomery multiplication in GF (2k). Designs, Codes and Cryptography 14(1), 57–69 (1998) MathSciNetCrossRef

24.

Kocher, P., et al.: Spectre Attacks: Exploiting Speculative Execution. ArXiv e-prints (2018)

25.

Kuvaiskii, D., et al.: SGXBOUNDS: Memory safety for shielded execution. In: Proceedings of the Twelfth European Conference on Computer Systems, pp. 205–221. ACM (2017)

26.

Lipp, M., et al.: Meltdown. ArXiv e-prints (2018)

27.

Liu, F., Yarom, Y., Ge, Q., Heiser, G., Lee, R.B.: Last-level cache side-channel attacks are practical. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 605–622. IEEE Computer Society, Los Alamitos, CA, USA (may 2015). https://doi.org/10.1109/SP.2015.43, https://doi.ieeecomputersociety.org/10.1109/SP.2015.43

28.

Marshall, A., Howard, M.: Security best practices for developing windows azure applications (2010)

29.

McKeen, F., et al.: Innovative instructions and software model for isolated execution. HASP@ ISCA 10 (2013)

30.

Moghimi, A., Irazoqui, G., Eisenbarth, T.: Cachezoom: how SGX amplifies the power of cache attacks (2017)

31.

Oleksenko, O., Trach, B., Krahn, R., Silberstein, M., Fetzer, C.: Varys: protecting SGX enclaves from practical side-channel attacks. In: 2018 USENIX Annual Technical Conference, USENIX ATC 2018, Boston, MA, USA, July 11–13, 2018, pp. 227–240 (2018). https://www.usenix.org/conference/atc18/presentation/oleksenko

32.

Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Topics in Cryptology - CT-RSA 2006, The Cryptographers’ Track at the RSA Conference 2006, San Jose, CA, USA, February 13–17, 2006, Proceedings. pp. 1–20 (2006). https://doi.org/10.1007/11605805_1

33.

Rajwar, R., Dixon, M.: Intel transactional synchronization extensions. In: Intel Developer Forum San Francisco, vol. 2012 (2012)

34.

Rane, A., Lin, C., Tiwari, M.: Raccoon: closing digital side-channels through obfuscated execution. In: 24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12–14, 2015, pp. 431–446 (2015). https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/rane

35.

van Schaik, S., Kwong, A., Genkin, D., Yarom, Y.: Sgaxe: How sgx fails in practice (2020). http://cacheoutattack.com/files/SGAxe.pdf

36.

van Schaik, S., et al.: RIDL: rogue in-flight data load. In: 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19–23, 2019, pp. 88–105. IEEE (2019). https://doi.org/10.1109/SP.2019.00087

37.

Schwarz, M., et al.: Zombieload: cross-privilege-boundary data sampling. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, November 11–15, 2019, pp. 753–768. ACM (2019). https://doi.org/10.1145/3319535.3354252

38.

Schwarz, M., Weiser, S., Gruss, D., Maurice, C., Mangard, S.: Malware guard extension: using SGX to conceal cache attacks. In: Polychronakis, M., Meier, M. (eds.) DIMVA 2017. LNCS, vol. 10327, pp. 3–24. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-60876-1_1 CrossRef

39.

Seo, J., et al.: SGX-shield: enabling address space layout randomization for SGX programs. In: Proceedings of the 2017 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (2017)

40.

Shih, M.W., Lee, S., Kim, T., Peinado, M.: T-SGX: eradicating controlled-channel attacks against enclave programs. In: Proceedings of the 2017 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (2017)

41.

Tromer, E., Osvik, D.A., Shamir, A.: Efficient cache attacks on AES, and countermeasures. J. Cryptol. 23(1), 37–71 (2010) MathSciNetCrossRef

42.

Wang, W., Chen, G., Pan, X., Zhang, Y., Wang, X.: Leaky cauldron on the dark land: understanding memory side-channel hazards in SGX. In: the 2017 ACM SIGSAC Conference (2017)

43.

Yarom, Y., Falkner, K.: Flush+reload: a high resolution, low noise, l3 cache side-channel attack. In: Usenix Conference on Security Symposium (2014)

Title: E-SGX: Effective Cache Side-Channel Protection for Intel SGX on Untrusted OS
Authors: Fan Lang
Huorong Li
Wei Wang
Jingqiang Lin
Fengwei Zhang
Wuqiong Pan
Qiongxiao Wang
Publisher: Springer International Publishing
Book: Information Security and Cryptology
Print ISBN: 978-3-030-71851-0

Electronic ISBN: 978-3-030-71852-7

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-71852-7_15

Disciplines

Events

Books

Journals

Start single access now

Request access for companies

Springer Professional

Hint

Swipe to navigate through the chapters of this book

E-SGX: Effective Cache Side-Channel Protection for Intel SGX on Untrusted OS

Abstract

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner

Disciplines Chevron down icon Chevron up icon

Events

Books

Journals

Start single access now

Request access for companies

Springer Professional

Hint

Swipe to navigate through the chapters of this book

Abstract

Please log in to get access to this content

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner

Disciplines