Software Guard Extension (SGX) is a hardware-based trusted execution environment (TEE) implemented in recent Intel commodity processors. By isolating the memory of security-critical applications from untrusted software, this mechanism provides users with a strongly shielded environment called enclave for executing programs safely. However, recent studies have demonstrated that SGX enclaves are vulnerable to side-channel attacks. In order to deal with these attacks, several protection techniques have been studied and utilized.In this paper, we explore a new pattern history table (PHT) based side-channel attack against SGX named Bluethunder, which can bypass existing protection techniques and reveal the secret information inside an enclave. Comparing to existing PHT-based attacks (such as Branchscope [ERAG+18]), Bluethunder abuses the 2-level directional predictor in the branch prediction unit, on top of which we develop an exploitation methodology to disclose the input-dependent control flow in an enclave. Since the cost of training the 2-level predictor is pretty low, Bluethunder can achieve a high bandwidth during the attack. We evaluate our attacks on two case studies: extracting the format string information in the vfprintf function in the Intel SGX SDK and attacking the implementation of RSA decryption algorithm in mbed TLS. Both attacks show that Bluethunder can recover fine-grained information inside an enclave with low training overhead, which outperforms the latest PHT-based side channel attack (Branchscope) by 52×. Specifically, in the second attack, Bluethunder can recover the RSA private key with 96.76% accuracy in a single run.
Lake evaporation is an important link connecting the water cycle and the surface energy cycle and remains one of the most uncertain terms in the local catchment’s water balance. Quantifying lake evaporation and its variability is crucial to improve water resource management and understand the response of the lake system towards climate change. In this study, we evaluated the performances of nine evaporation methods at different timescales and calibrated them by using the continuous eddy covariance (EC) observation data during 2015–2018 over Erhai Lake, a highland open freshwater lake situated in the Dali valley, China. The nine evaporation methods could be classified into combination methods (Bowen-ratio energy budget, Penman, Priestley–Taylor, DeBruin–Keijman and Brutsaert–Stricker), solar radiation-based methods (Jensen–Haise and Makkink) and Dalton-based method (mass transfer and Ryan–Harleman) based on their parameterization schemes. The Dalton-based Ryan–Harleman method is most suitable for estimating evaporation at daily to weekly scales, while the combination methods and solar radiation-based method had good estimates at monthly timescale. After calibration, the biases of the Jensen–Haise and Ryan–Harleman method were slightly reduced, while the biases of the Makkink and mass transfer methods were reduced substantially. The calibrated Jensen–Haise method with small annual bias (−2.2~2.8%) and simple input variables was applied to estimate the long-term trend of evaporation during 1981–2018. The annual total evaporation showed an insignificant increasing trend of 0.30 mm year−1, mainly caused by the significant rising air temperature. This study showed the performance of evaporation methods over water bodies had large discrepancies on different time scales, which indicated the importance of the choice of evaporation methods and provided instruction for water resource management of this region under climate change.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.