Ruhr-Uni-Bochum

SoK: SGX.Fail: How Stuff Gets eXposed

2024

Conference / Journal

Authors

Christina Garman Yuval Yarom Eyal Ronen Andrew Miller Daniel Genkin Bader AlBassam Adam Batori Thomas Yurek Alex Seto Stephan van Schaik

Research Hub

Research Hub B: Eingebettete Sicherheit
Research Hub C: Sichere Systeme

Research Challenges

RC 5: Physical-Layer Security
RC 7: Building Secure Systems

Abstract

Intel’s Software Guard Extensions (SGX) promises an isolated execution environment, protected from all software running on the machine. As such, numerous works have sought to leverage SGX to provide confidentiality and integrity guarantees for code running in adversarial environments. In the past few years however, SGX has come under heavy fire, threatened by numerous hardware attacks. With Intel repeatedly patching SGX to regain security while consistently launching new (micro)architectures, it is increasingly difficult to track the applicability of various attacks techniques across the SGX design landscape.
Thus, in this paper we set out to survey and categorize various SGX attacks, their applicability to different SGX architectures, as well as the information leaked by them. We then set out to explore the effectiveness of SGX’s update mechanisms in preventing attacks on real-world deployments. Here, we study two commercial SGX applications. First, we investigate the SECRET network, an SGX-backed blockchain aiming to provide privacy preserving smart contracts. Next, we also consider PowerDVD, a UHD Blu-Ray Digital Rights Management (DRM) software licensed to play discs on PCs. We show that in both cases vendors are unable to meet security goals originally envisioned for their products, presumably due to SGX’s long update timelines and the complexities of a manual update process. This in turn forces vendors into making difficult security/usability trade offs, resulting in security compromises.

Tags

Software Security
Real-world Attacks
Computer Architecture