Privileged side-channel attacks for enclave adversaries

Add to your list(s) Download to your calendar using vCal

• Jo Van Bulck (KU Leuven)
• Thursday 20 February 2020, 11:00-12:00
• Computer Science, The Sloman Lounge (UG).

If you have a question about this talk, please contact Isra Ahmed.

In an increasingly connected world, hardware-based Trusted Execution Environments (TEEs) hold the compelling potential of securely offloading sensitive computations to untrusted remote platforms, even after they have been fully compromised by malware. With the advent of commercial solutions like Intel SGX and ARM TrustZone, hardware support for such “enclaved execution” is readily available in today’s processors. However, as demonstrated in recent research, state-of-the-art commercial TEEs focus solely on architectural isolation while leaving subtle-yet-dangerous microarchitectural leakage largely out-of-scope. This talk will overview how the strengthened TEE adversary model often leads to new and unexpected attack surfaces. This ranges from new kinds of software vulnerabilities, over innovative side-channel attack vectors that abuse traditionally privileged hardware-software interfaces (e.g., page tables or interrupts), to ultimately high-profile transient execution threats that may completely dismantle TEE security guarantees (e.g., as demonstrated by the recent Foreshadow and ZombieLoad attacks).

This talk is part of the Computer Security Seminars series.

This talk is included in these lists:

• Computer Science Departmental Series
• Computer Science Distinguished Seminars
• Computer Science, The Sloman Lounge (UG)
• Computer Security Seminars
• computer sience

Note that ex-directory lists are not shown.