DeepAI AI Chat
Log In Sign Up

The Heisenberg Defense: Proactively Defending SGX Enclaves against Page-Table-Based Side-Channel Attacks

12/22/2017
by   Raoul Strackx, et al.
KU Leuven
0

Protected-module architectures (PMAs) have been proposed to provide strong isolation guarantees, even on top of a compromised system. Unfortunately, Intel SGX -- the only publicly available high-end PMA -- has been shown to only provide limited isolation. An attacker controlling the untrusted page tables, can learn enclave secrets by observing its page access patterns. Fortifying existing protected-module architectures in a real-world setting against side-channel attacks is an extremely difficult task as system software (hypervisor, operating system, ...) needs to remain in full control over the underlying hardware. Most state-of-the-art solutions propose a reactive defense that monitors for signs of an attack. Such approaches unfortunately cannot detect the most novel attacks, suffer from false-positives, and place an extraordinary heavy burden on enclave-developers when an attack is detected. We present Heisenberg, a proactive defense that provides complete protection against page table based side channels. We guarantee that any attack will either be prevented or detected automatically before any sensitive information leaks. Consequently, Heisenberg can always securely resume enclave execution -- even when the attacker is still present in the system. We present two implementations. Heisenberg-HW relies on very limited hardware features to defend against page-table-based attacks. We use the x86/SGX platform as an example, but the same approach can be applied when protected-module architectures are ported to different platforms as well. Heisenberg-SW avoids these hardware modifications and can readily be applied. Unfortunately, it's reliance on Intel Transactional Synchronization Extensions (TSX) may lead to significant performance overhead under real-life conditions.

READ FULL TEXT
02/20/2021

SoftTRR: Protect Page Tables Against RowHammer Attacks using Software-only Target Row Refresh

Rowhammer attacks that corrupt level-1 page tables to gain kernel privil...
06/24/2020

A Survey of Published Attacks on Intel SGX

Intel Software Guard Extensions (SGX) provides a trusted execution envir...
08/20/2018

Mitigating Branch-Shadowing Attacks on Intel SGX using Control Flow Randomization

Intel Software Guard Extensions (SGX) is a promising hardware-based tech...
11/21/2021

Domain Page-Table Isolation

Modern applications often consist of different security domains that req...
11/18/2018

libmpk: Software Abstraction for Intel Memory Protection Keys

Intel memory protection keys (MPK) is a new hardware feature to support ...
02/25/2021

Swivel: Hardening WebAssembly against Spectre

We describe Swivel, a new compiler framework for hardening WebAssembly (...
07/08/2019

FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning

The growing security threat of microarchitectural attacks underlines the...