Skip to Main Content
Frequently Asked Questions
Submit an ETD
Global Search Box
Need Help?
Keyword Search
Participating Institutions
Advanced Search
School Logo
Files
File List
dissertation.pdf (1.73 MB)
ETD Abstract Container
Abstract Header
Exploitable Hardware Features and Vulnerabilities Enhanced Side-Channel Attacks on Intel SGX and Their Countermeasures
Author Info
Chen, Guoxing
Permalink:
http://rave.ohiolink.edu/etdc/view?acc_num=osu1554949268465917
Abstract Details
Year and Degree
2019, Doctor of Philosophy, Ohio State University, Computer Science and Engineering.
Abstract
Intel Software Guard eXtensions (SGX) provides software applications shielded execution environments to run private code and operate sensitive data, where both the code and data are isolated from the rest of the software systems. Despite of its security promises, today’s SGX design has been demonstrated to be vulnerable to various side-channel attacks, and countermeasures have been proposed to mitigate these attacks. However, current understanding of the attack vectors and the corresponding countermeasures is insufficient. This dissertation explores new attacks when the adversary could exploit hardware features, such as Hyper-Threading and speculative execution, and aims to design comprehensive defense mechanisms that could address existing threats. Specifically, we first demonstrate how to abuse Hyper-Threading to launch attacks that could bypass existing AEX-based mitigations. Then, we introduce SgxPectre Attacks, the SGX-variants of the recently disclosed Spectre attacks, that exploit speculative execution vulnerabilities to subvert the confidentiality of SGX enclaves. On the defense side, we first design and implement HyperRace, an LLVM-based tool for instrumenting SGX enclave programs to eradicate all side-channel threats due to Hyper-Threading. Then, to address the limitations of existing mitigations, we extend the idea of HyperRace and propose the concept of verifiable execution contracts, which request the privileged software to provide a benign execution environment for enclave within which launching attacks becomes infeasible.
Committee
Ten H. Lai (Advisor)
Yinqian Zhang (Advisor)
Radu Teodorescu (Committee Member)
Zhiqiang Lin (Committee Member)
Pages
162 p.
Subject Headings
Computer Engineering
;
Computer Science
Keywords
Intel SGX
;
computer engineering
;
hyper-threading
;
speculative execution
Recommended Citations
Refworks
EndNote
RIS
Mendeley
Citations
Chen, G. (2019).
Exploitable Hardware Features and Vulnerabilities Enhanced Side-Channel Attacks on Intel SGX and Their Countermeasures
[Doctoral dissertation, Ohio State University]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=osu1554949268465917
APA Style (7th edition)
Chen, Guoxing.
Exploitable Hardware Features and Vulnerabilities Enhanced Side-Channel Attacks on Intel SGX and Their Countermeasures.
2019. Ohio State University, Doctoral dissertation.
OhioLINK Electronic Theses and Dissertations Center
, http://rave.ohiolink.edu/etdc/view?acc_num=osu1554949268465917.
MLA Style (8th edition)
Chen, Guoxing. "Exploitable Hardware Features and Vulnerabilities Enhanced Side-Channel Attacks on Intel SGX and Their Countermeasures." Doctoral dissertation, Ohio State University, 2019. http://rave.ohiolink.edu/etdc/view?acc_num=osu1554949268465917
Chicago Manual of Style (17th edition)
Abstract Footer
Document number:
osu1554949268465917
Download Count:
592
Copyright Info
© 2019, all rights reserved.
This open access ETD is published by The Ohio State University and OhioLINK.