FORESHADOW: Extracting the keys to the intel SGX kingdom with transient out-of-order execution

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, Raoul Strackx

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Trusted execution environments, and particularly the Software Guard eXtensions (SGX) included in recent Intel x86 processors, gained significant traction in recent years. A long track of research papers, and increasingly also real-world industry applications, take advantage of the strong hardware-enforced confidentiality and integrity guarantees provided by Intel SGX. Ultimately, enclaved execution holds the compelling potential of securely offloading sensitive computations to untrusted remote platforms. We present Foreshadow, a practical software-only microarchitectural attack that decisively dismantles the security objectives of current SGX implementations. Crucially, unlike previous SGX attacks, we do not make any assumptions on the victim enclave's code and do not necessarily require kernel-level access. At its core, Foreshadow abuses a speculative execution bug in modern Intel processors, on top of which we develop a novel exploitation methodology to reliably leak plaintext enclave secrets from the CPU cache. We demonstrate our attacks by extracting full cryptographic keys from Intel's vetted architectural enclaves, and validate their correctness by launching rogue production enclaves and forging arbitrary local and remote attestation responses. The extracted remote attestation keys affect millions of devices.

Original languageEnglish
Title of host publicationProceedings of the 27th USENIX Security Symposium
Pages991-1008
Number of pages18
ISBN (Electronic)9781939133045
StatePublished - 2018
Event27th USENIX Security Symposium - Baltimore, United States
Duration: 15 Aug 201817 Aug 2018

Publication series

NameProceedings of the 27th USENIX Security Symposium

Conference

Conference27th USENIX Security Symposium
Country/TerritoryUnited States
CityBaltimore
Period15/08/1817/08/18

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'FORESHADOW: Extracting the keys to the intel SGX kingdom with transient out-of-order execution'. Together they form a unique fingerprint.

Cite this