2021 | OriginalPaper | Chapter

E-SGX: Effective Cache Side-Channel Protection for Intel SGX on Untrusted OS

Authors : Fan Lang, Huorong Li, Wei Wang, Jingqiang Lin, Fengwei Zhang, Wuqiong Pan, Qiongxiao Wang

Published in: Information Security and Cryptology

Publisher: Springer International Publishing

Abstract

Cache side-channels are among the major weaknesses of Intel SGX. We mitigate this weakness with E-SGX, an effective defensive approach against all known access-driven/trace-driven cache side-channel attacks from privileged code. The core idea of E-SGX is to monopolize the whole CPU during security-critical executions, breaking the concurrent-execution condition that access-driven/trace-driven cache side-channel attacks depend on. To achieve this, E-SGX employs several SGX threads within the same enclave: one application thread and a few dummy threads together hold all CPU cores. A key challenge is to ensure that all those enclave threads are scheduled exclusively, occupying all CPU cores, even though the OS scheduler is untrusted. E-SGX addresses this challenge by providing effective mechanisms to detect violations of exclusive scheduling: a challenge-response check of dummy-thread liveness and detection of asynchronous enclave exits (AEX), both performed with a carefully selected period. Compared with existing approaches, E-SGX is capable of defending against access-driven/trace-driven cache side-channel attacks not only from the sibling logical core but also from all other physical cores.

Metadata

Title: E-SGX: Effective Cache Side-Channel Protection for Intel SGX on Untrusted OS
Authors: Fan Lang, Huorong Li, Wei Wang, Jingqiang Lin, Fengwei Zhang, Wuqiong Pan, Qiongxiao Wang
Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-71852-7_15