PhD Proposal by Ming-Wei Shih
Ph.D. Thesis Proposal Announcement
Title: Securing Intel SGX against Side-channel Attacks via Load-time Synthesis
School of Computer Science
Georgia Institute of Technology
Date: Sept 20 (Thursday)
Start Time: 2:00pm
Location: KACB 3126
Dr. Taesoo Kim (Advisor, School of Computer Science, Georgia Institute of Technology)
Dr. Wenke Lee(School of Computer Science, Georgia Institute of Technology)
Dr. Marcus Pienado (Microsoft Research)
One real-world technique that has the potential to ensure
the security of remote execution in an untrusted end-point is
Intel Software Guard Extensions (SGX). SGX allows an application
to run in a hardware-assisted isolated execution environment,
or an enclave, that excludes even privileged software such as
an operating system. Unfortunately, recent studies have shown
that such isolation is vulnerable to various types of side-channel
attacks. Given the strong threat model (i.e., an attacker controls
privileged software), the side-channel attacks are uniquely powerful.
More specifically, the attacker can learn accurate, high-resolution
side-channel information of the protected application, which
undermines the security guarantees that SGX intends to provide.
Although researchers have proposed several countermeasures
against the side-channel attacks on SGX, these countermeasures
focus only on a limited number of side-channel types. To achieve a
complete defense, one idea is to statically compose multiple countermeasures
and to enforce them on an application before deploying it to the end-point.
However, some of the countermeasures may not work as expected because
the statically enforced countermeasures cannot be adaptive to the hardware
specification at the end-point. For example, a TSX-based countermeasure
may provide no protection if the end-point does not support Intel TSX.
To address the limitation of static composition, we propose an alternative
approach, load-time synthesis, which adaptively composes multiple
countermeasures according to the hardware specification at the end-point.
More specifically, an enclave starts by executing a loader program.
The loader program then detects the hardware specification, selectively
enables the countermeasures, and finally produces an application binary
that runs with the possibly highest level of protection at the end-point.
- Workflow Status: Published
- Created By: Tatianna Richardson
- Created: 09/19/2018
- Modified By: Tatianna Richardson
- Modified: 09/19/2018