AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves

Weichbrodt, Nico; Kurmus, Anil; Pietzuch, Peter; Kapitza, Rüdiger

doi:10.1007/978-3-319-45744-4_22

Cited by 138 publications

(87 citation statements)

References 22 publications

(16 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SGX is a novel technology under continuous development and intense security research scrutiny. [20] exposes vulnerability exploits synchronization bugs to circumvent the security guarantees of SGX and to hijack the control flow of the enclave code or even bypass access control mechanisms. In [21], Buhren et al described a so-called fault attack, allowing an attacker to change the contents of the RAM encrypted area.…”

Section: Related Workmentioning

confidence: 99%

Component integrity guarantees in software-defined networking infrastructure

Girtler

Paladi

2017

2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)

View full text Add to dashboard Cite

Abstract-Operating system level virtualization containers are commonly used to deploy virtual network functions (VNFs) which access the centralized network controller in software-defined networking (SDN) infrastructure. While this allows flexible network configuration, it also increases the attack surface, as sensitive information is transmitted between the controller and the virtual network functions. In this work we propose a mechanism for bootstrapping secure communication between the SDN controller and deployed network applications. The proposed mechanism relies on platform integrity evaluation and execution isolation mechanisms, such as Linux Integrity Measurement Architecture and Intel Software Guard Extensions. To validate the feasibility of the proposed approach, we have implemented a proof of concept which was further tested and evaluated to assess its performance. The prototype can be seen as the first step into providing users with security guarantees regarding the integrity of components in the SDN infrastructure.

show abstract

Section: Related Workmentioning

confidence: 99%

Component integrity guarantees in software-defined networking infrastructure

Girtler

Paladi

2017

2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)

View full text Add to dashboard Cite

show abstract

“…Furthermore, side-channel attacks [37,36] based on vulnerabilities of the application running inside the enclave are not of interest: We assume all enclave software to be free of security-relevant bugs. Finally, we assume the design and implementation of SGX itself, including all cryptographic operations is secure and does not contain any vulnerabilities.…”

Section: Sgx-aware Threat Modelmentioning

confidence: 99%

TrustJS

Goltzsche

Wulf

Muthukumaran

et al. 2017

Proceedings of the 10th European Workshop on Systems Security

Self Cite

View full text Add to dashboard Cite

Client-side JavaScript has become ubiquitous in web applications to improve user experience and reduce server load. However, since clients are untrusted, servers cannot rely on the confidentiality or integrity of client-side JavaScript code and the data that it operates on. For example, client-side input validation must be repeated at server side, and confidential business logic cannot be offloaded. In this paper, we present TRUSTJS, a framework that enables trustworthy execution of security-sensitive JavaScript inside commodity browsers. TRUSTJS leverages trusted hardware support provided by Intel SGX to protect the client-side execution of JavaScript, enabling a flexible partitioning of web application code. We present the design of TRUSTJS and provide initial evaluation results, showing that trustworthy JavaScript offloading can further improve user experience and conserve more server resources.

show abstract

“…We now turn to the exploitation of concurrency bugs for the purpose of violating enclave integrity as demonstrated by Weichbrodt et al [13]. The attack proceeded by widening the window of vulnerability during which race conditions Figure 4: use-after-free concurrency bug lead to wrong synchronization behavior.…”

Section: Concurrency Bugsmentioning

confidence: 99%

“…However, running critical sections under DP protection helps preventing the exploitation of these bugs. We illustrate this on the example of the use-after-free concurrency bug from [13], which we depict in Fig. 4.…”

Section: Concurrency Bugsmentioning

confidence: 99%

“…Unfortunately, the current version of SGX fails to implement this protection in a tamperproof manner as has been demonstrated in two recent publications: (i) Xu et al [14] managed to extract significant amounts of confidential data (whole images) from enclaves by carefully paging enclaves to observe their control flow; (ii) Weichbrodt et al [13] carefully controlled the scheduling of enclave threads to trigger concurrency bugs in enclave-protected applications. Both attacks come from the fact that SGX allows the management OS to preempt the execution of enclaves at arbitrary points in time.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control

Völp

Lackorzyński

Decouchant

et al. 2016

Proceedings of the 1st Workshop on System Software for Trusted Execution

View full text Add to dashboard Cite

Intel SGX is the latest processor architecture promising secure code execution despite large, complex and hence potentially vulnerable legacy operating systems (OSs). However, two recent works identified vulnerabilities that allow an untrusted management OS to extract secret information from Intel SGX's enclaves, and to violate their integrity by exploiting concurrency bugs. In this work, we re-investigate delayed preemption (DP) in the context of Intel SGX. DP is a mechanism originally proposed for L4-family microkernels as disable-interrupt replacement. Recapitulating earlier results on language-based information-flow security, we illustrate the construction of leakage-free code for enclaves. However, as long as adversaries have fine-grained control over preemption timing, these solutions are impractical from a performance/complexity perspective. To overcome this, we resort to delayed preemption, and sketch a software implementation for hypervisors providing enclaves as well as a hardware extension for systems like SGX. Finally, we illustrate how static analyses for SGX may be extended to check confidentiality of preemption-delaying programs.

show abstract

AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves

Cited by 138 publications

References 22 publications

Component integrity guarantees in software-defined networking infrastructure

Component integrity guarantees in software-defined networking infrastructure

TrustJS

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control

Contact Info

Product

Resources

About