TY - GEN
T1 - FORESHADOW
T2 - 27th USENIX Security Symposium
AU - Van Bulck, Jo
AU - Minkin, Marina
AU - Weisse, Ofir
AU - Genkin, Daniel
AU - Kasikci, Baris
AU - Piessens, Frank
AU - Silberstein, Mark
AU - Wenisch, Thomas F.
AU - Yarom, Yuval
AU - Strackx, Raoul
N1 - Publisher Copyright: © 2018 Proceedings of the 27th USENIX Security Symposium. All rights reserved.
PY - 2018
Y1 - 2018
N2 - Trusted execution environments, and particularly the Software Guard eXtensions (SGX) included in recent Intel x86 processors, gained significant traction in recent years. A long track of research papers, and increasingly also real-world industry applications, take advantage of the strong hardware-enforced confidentiality and integrity guarantees provided by Intel SGX. Ultimately, enclaved execution holds the compelling potential of securely offloading sensitive computations to untrusted remote platforms. We present Foreshadow, a practical software-only microarchitectural attack that decisively dismantles the security objectives of current SGX implementations. Crucially, unlike previous SGX attacks, we do not make any assumptions on the victim enclave's code and do not necessarily require kernel-level access. At its core, Foreshadow abuses a speculative execution bug in modern Intel processors, on top of which we develop a novel exploitation methodology to reliably leak plaintext enclave secrets from the CPU cache. We demonstrate our attacks by extracting full cryptographic keys from Intel's vetted architectural enclaves, and validate their correctness by launching rogue production enclaves and forging arbitrary local and remote attestation responses. The extracted remote attestation keys affect millions of devices.
AB - Trusted execution environments, and particularly the Software Guard eXtensions (SGX) included in recent Intel x86 processors, gained significant traction in recent years. A long track of research papers, and increasingly also real-world industry applications, take advantage of the strong hardware-enforced confidentiality and integrity guarantees provided by Intel SGX. Ultimately, enclaved execution holds the compelling potential of securely offloading sensitive computations to untrusted remote platforms. We present Foreshadow, a practical software-only microarchitectural attack that decisively dismantles the security objectives of current SGX implementations. Crucially, unlike previous SGX attacks, we do not make any assumptions on the victim enclave's code and do not necessarily require kernel-level access. At its core, Foreshadow abuses a speculative execution bug in modern Intel processors, on top of which we develop a novel exploitation methodology to reliably leak plaintext enclave secrets from the CPU cache. We demonstrate our attacks by extracting full cryptographic keys from Intel's vetted architectural enclaves, and validate their correctness by launching rogue production enclaves and forging arbitrary local and remote attestation responses. The extracted remote attestation keys affect millions of devices.
UR - http://www.scopus.com/inward/record.url?scp=85074447436&partnerID=8YFLogxK
M3 - منشور من مؤتمر
T3 - Proceedings of the 27th USENIX Security Symposium
SP - 991
EP - 1008
BT - Proceedings of the 27th USENIX Security Symposium
Y2 - 15 August 2018 through 17 August 2018
ER -