DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization

@article{Brasser2017DRSGXHS,
  title={DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization},
  author={F. Brasser and S. Capkun and A. Dmitrienko and Tommaso Frassetto and Kari Kostiainen and Urs M{\"u}ller and A. Sadeghi},
  journal={ArXiv},
  year={2017},
  volume={abs/1709.09917}
}
Recent research has demonstrated that Intel's SGX is vulnerable to various software-based side-channel attacks. [...] Key Method We design and implement a compiler-based tool called DR.SGX that instruments enclave code such that data locations are permuted at the granularity of cache lines. We realize the permutation with the CPU's cryptographic hardware-acceleration units providing secure randomization.Expand
44 Citations
Varys: Protecting SGX Enclaves from Practical Side-Channel Attacks
  • 85
  • PDF
Klotski: Efficient Obfuscated Execution against Controlled-Channel Attacks
  • 2
  • PDF
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
  • 489
  • PDF
The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX
  • 53
  • PDF
MPTEE: bringing flexible and efficient memory protection to Intel SGX
  • 6
  • PDF
PAC it up: Towards Pointer Integrity using ARM Pointer Authentication
  • 28
  • PDF
New Attacks and Defenses for Randomized Caches
  • 2
  • PDF
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 103 REFERENCES
SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution
  • 81
  • PDF
Cache Attacks on Intel SGX
  • 217
  • Highly Influential
  • PDF
MemJam: A False Dependency Attack Against Constant-Time Crypto Implementations in SGX
  • 36
JITGuard: Hardening Just-in-time Compilers with SGX
  • 20
  • PDF
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
  • 489
  • PDF
Software Grand Exposure: SGX Cache Attacks Are Practical
  • 340
  • PDF
The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX
  • 53
  • PDF
A compiler and verifier for page access oblivious computation
  • 20
  • PDF
Cache Attacks and Countermeasures: The Case of AES
  • 1,107
  • Highly Influential
  • PDF
...
1
2
3
4
5
...