Projekte pro Jahr
Abstract
In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial that the hypervisor isolates tenants from other tenants that are co-located on the same physical machine. However, the hypervisor does not protect tenants against the cloud provider and thus the supplied operating system and hardware. Intel SGX provides a mechanism that addresses this scenario. It aims at protecting user-level software from attacks from other processes, the operating system, and even physical attackers. In this paper, we demonstrate fine-grained software-based sidechannel attacks from a malicious SGX enclave targeting co-located enclaves. Our attack is the first malware running on real SGX hardware, abusing SGX protection features to conceal itself. Furthermore, we demonstrate our attack both in a native environment and across multiple Docker containers. We perform a Prime+Probe cache side-channel attack on a co-located SGX enclave running an up-to-date RSA implementation that uses a constant-time multiplication primitive. The attack works although in SGX enclaves there are no timers, no large pages, no physical addresses, and no shared memory. In a semi-synchronous attack, we extract 96% of an RSA private key from a single trace. We extract the full RSA private key in an automated attack from 11 traces.
Originalsprache | englisch |
---|---|
Titel | Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017, 2017 |
Herausgeber (Verlag) | Springer-Verlag Italia |
Seiten | 3-24 |
Seitenumfang | 22 |
Band | 10327 LNCS |
ISBN (Print) | 9783319608754 |
DOIs | |
Publikationsstatus | Veröffentlicht - 2017 |
Veranstaltung | 14th International Conference on Detection of Intrusions and Malware, and Vulnerability Assess, DIMVA 2017 - Bonn, Deutschland Dauer: 6 Juli 2017 → 7 Juli 2017 |
Publikationsreihe
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Band | 10327 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (elektronisch) | 1611-3349 |
Konferenz
Konferenz | 14th International Conference on Detection of Intrusions and Malware, and Vulnerability Assess, DIMVA 2017 |
---|---|
Land/Gebiet | Deutschland |
Ort | Bonn |
Zeitraum | 6/07/17 → 7/07/17 |
ASJC Scopus subject areas
- Theoretische Informatik
- Informatik (insg.)
Fingerprint
Untersuchen Sie die Forschungsthemen von „Malware guard extension: Using SGX to conceal cache attacks“. Zusammen bilden sie einen einzigartigen Fingerprint.Projekte
- 2 Abgeschlossen
-
EU - SOPHIA - Absicherung von Software gegen Physische Angriffe
1/09/16 → 31/08/21
Projekt: Forschungsprojekt
-
Verlaesslichkeit im Internet der Dinge
Boano, C. A., Kubin, G., Bloem, R., Horn, M., Pernkopf, F., Zakany, N., Mangard, S., Witrisal, K., Römer, K. U., Aichernig, B., Bösch, W., Baunach, M. C., Tappler, M., Malenko, M., Weiser, S., Eichlseder, M., Leitinger, E., Grosinger, J., Großwindhager, B., Ebrahimi, M., Alothman Alterkawi, A. B., Knoll, C., Teschl, R., Saukh, O., Rath, M., Steinberger, M., Steinbauer-Wagner, G. & Tranninger, M.
1/01/16 → 31/03/22
Projekt: Forschungsprojekt