Foreshadow - Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
Offered By: USENIX via YouTube
Course Description
Overview
Explore a groundbreaking 25-minute conference talk from USENIX Security '18 that unveils Foreshadow, a software-only microarchitectural attack dismantling the security of Intel SGX. Discover how this novel exploitation methodology leverages speculative execution bugs in modern Intel processors to reliably leak plaintext enclave secrets from the CPU cache. Learn about the attack's ability to extract full cryptographic keys from vetted architectural enclaves, launch rogue production enclaves, and forge local and remote attestation responses. Understand the far-reaching implications of this vulnerability, affecting millions of devices, and its potential impact on trusted execution environments and secure offloading of sensitive computations to untrusted remote platforms.
Syllabus
USENIX Security '18 - Foreshadow: Extracting the Keys to the Intel SGX Kingdom...
Taught by
USENIX
Related Courses
Rage Against The Machine ClearHack In The Box Security Conference via YouTube Secret Flaws of In-DRAM RowHammer Mitigations
Hack In The Box Security Conference via YouTube Grand Pwning Unit - Accelerating Microarchitectural Attacks with the GPU
IEEE via YouTube Page Cache Attacks - Microarchitectural Attacks on Flawless Hardware
Black Hat via YouTube A Security RISC - Microarchitectural Attacks on Hardware RISC-V CPUs
IEEE via YouTube