This repository contains my solutions and explanations for the tutorial taught at the 8th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE18), held 2018 December 15, Kanpur, India.
Please check the official repository https://github.com/jovanbulck/sgx-tutorial-space18 by Jo Van Bulck for more information.
I have implemented the solutions for the tutorials for better understanding (with the help of the original solutions, wherever needed) and added my results and explanations at the end of the respective README files (Solution and Explanation section).
All the experiments (with results listed in the section Solution and Explanation) are performed on the laptop with configuration:
Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
You can also check the original solutions provided in the solutions branch of the official repository.
The inclusion of the Software Guard eXtensions (SGX) in recent Intel processors has been broadly acclaimed for bringing strong hardware-enforced trusted computing guarantees to mass consumer devices, and for protecting end user data in an untrusted cloud environment. While SGX assumes a very strong attacker model and indeed even safeguards enclave secrets against a compromised operating system, recent research has demonstrated that considerable private data (e.g., full text and images, complete cryptographic keys) may still be reconstructed by monitoring subtle side-effects of the enclaved execution.
We argue that a systematic understanding of such side-channel leakage sources is essential for writing intrinsically secure enclave applications, and will be instrumental to the success of this new trusted execution technology. This tutorial and write-up therefore aims to bring a better understanding of current state-of-the-art side-channel attacks and defenses on Intel SGX platforms. Participants will learn how to extract data from elementary example applications, thereby recognizing how to avoid common pitfalls and information leakage sources in enclave development.
Jo Van Bulck, Frank Piessens "Tutorial: Uncovering and mitigating side-channel leakage in Intel SGX enclaves", 8th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE'18). December 2018.
This tutorial is aimed at a target audience of C programmers with an interest in security. The tutorial takes about three hours, with an equal split between lectures and practical exercises.
Note (SGX support). Since we do not assume that all participants have access to an SGX-capable Intel processor, plus linux-sgx toolchain, we made sure that all exercises have both an unprotected and enclaved version. For the SPACE2018 tutorial setting, we will provide SSH access to an SGX machine over the local network in order to test the enclaved version.
However, to keep pressure on the remote SSH SGX machine low, we strongly advise to first develop the unprotected attack scenario on your local x86 machine, before testing the enclaved version on the remote SGX machine via SSH. Once the unprotected version is working, it should be relatively straightforward to port the attack to an SGX setting.
| Program | SGX enclave version | Description |
|---|---|---|
| 001-pwd | 001-sgx-pwd | Basic timing side-channel attack. |
| 002-inc-secret | 002-sgx-inc-secret | Basic page fault side-channel attack. |
| 003-flush-and-reload | 003-sgx-flush-and-reload | Flush+Reload cache attack on unprotected memory. |
| 004-str | 004-sgx-str | More subtle page fault side-channel attack. |
| 005-rsa | 005-sgx-rsa | Page fault sequence side-channel attack. |
You are welcome to re-use all of the material in this repository for your own teaching (given appropriate credit). All exercise code is free software, licensed under GPLv3. Presentation material (slides) are released on a CC-BY basis.