-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsgx-side-channel.tex
44 lines (31 loc) · 1.99 KB
/
sgx-side-channel.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
\documentclass[sigconf]{acmart}
\usepackage{booktabs} % For formal tables
% Copyright
\setcopyright{none}
%\setcopyright{acmcopyright}
%\setcopyright{acmlicensed}
%\setcopyright{rightsretained}
%\setcopyright{usgov}
%\setcopyright{usgovmixed}
%\setcopyright{cagov}
%\setcopyright{cagovmixed}
\begin{document}
\title{Software Side-Channel Attacks Against Intel SGX Enclaves}
\subtitle{CS 658 Research Paper}
\author{Colin Howes}
\affiliation{%
\institution{University of Waterloo}
\streetaddress{200 University Ave. W}
\city{Waterloo}
\state{ON}
\postcode{N2L 3G1}
}
\email{chowes@uwaterloo.ca}
\begin{abstract}
Isolation and protection of user-level processes on shared machines has traditionally been the domain of the operating system or hypervisor. However, in a cloud computing environment, users cannot rely on system software to provide isolation, since the service provider responsible for maintaining privileged software may not be trusted. Intel Software Guard Extensions (SGX) is a hardware-backed security extension of the Intel architecture that allows user-level software to run securely in an environment where all other software on the host system is untrusted. SGX uses secure enclaves running in protected memory along with a software attestation scheme to provide confidentiality and integrity guarantees to users wishing to execute software on an untrusted remote system. SGX is vulnerable to a number of software side-channel attacks, which leverage performance measurements to determine memory access patterns and derive secrets from software executing in secure SGX enclaves. This survey paper provides an overview of SGX vulnerabilities to software side-channel attacks, as well as possible countermeasures that can be implemented in hardware for future iterations of the SGX platform, or as software-based extensions to help secure existing SGX programs.
\end{abstract}
\maketitle
\input{sgx-body}
\bibliographystyle{ACM-Reference-Format}
\bibliography{sgx-side-channel}
\end{document}