SGXlinger: A New Side-Channel Attack Vector Based on Interrupt Latency Against Enclave Execution
2018 IEEE 36th International Conference on Computer Design (ICCD)(2018)
摘要
Software Guard Extension (SGX) is a new security feature that has been released in recent Intel commodity processors. It is designed to provide a user program with a strongly shielded environment against other components in the system, including the OS, firmware and hardware peripherals. With SGX, developers can securely deploy critical applications on untrusted remote platforms without the concern of information leakage. However, researchers have found several attacks against SGX, suggesting blind reliance on SGX is inadvisable, and promoting the need for a comprehensive study on the security property of SGX. In this paper, we discover a new attack vector SGXlinger to disclose information inside the protected program. Our attack monitors the interrupt latency of the SGX-protected program, and it is the first time that the interrupt latency is leveraged as a side-channel. We develop a framework to repeatedly measure the interrupt latency of an enclave program, and the evaluation shows we can learn coarse-grained information inside the shielded environment. In an experimental setting, we measure that the information leakage rate of the proposed side-channel can reach up to 35 Kbps.
更多查看译文
关键词
Security,Enclave execution,Side-channel attack
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要