Betriebssysteme · Institut für Systemarchitektur · Fakultät Informatik · TU Dresden



14. 06. 2019

When SGX fell victim to speculative execution bugs


Mark Silberstein

Technion, Haifa, Israel

Sondertermin: APB 3105, 10:30

I will describe the recipe of speculative execution attacks, and focus on the recent one called Foreshadow. The first variant of Foreshadow breaks the SGX confidentiality guarantees and enables us to circumvent the SGX remote attestation mechanism. Later, Intel's continued investigation revealed two other variants, with the most devastating one allowing a malicious Guest OS running in a virtual machine to access the host data. I will explain a few less known technical details and will discuss some of its non-technical implications.
Joint work with Jo Van Bulck, Frank Piessens, Raoul Strackx (imec-DistriNet, KU Leuven), Marina Minkin (Technion & University of Michigan), Ofir Weisse, Daniel Genkin, Baris Kasikci, Thomas F. Wenisch (University of Michigan), Yuval Yarom (University of Adelaide and CSIRO's Data61).
23. Oct 2019
· Copyright © 2001-2019 Operating Systems Group, TU Dresden | Impressum ·