Recent developments on hardware-based trusted execution environments hold the compelling potential of securely offloading sensitive computations to untrusted remote platforms, even after they have been fully compromised by malware. With the advent of commercial solutions like Intel SGX, hardware support for such “enclaved execution” is readily available in today’s processors. However, this talk will overview our research on software-based microarchitectural attacks that nuance the protection offered by Intel SGX. Particularly, we will show how untrusted operating systems can leverage their control over traditionally privileged processor interfaces, such as page tables and interrupts, to exploit new kinds of enclave software vulnerabilities, extract enclave metadata through innovative side channels, and ultimately dismantle trust in the Intel SGX ecosystem via high-profile transient-execution attacks, such as Foreshadow, ZombieLoad, and LVI.
Please email for a
Jo Van Bulck works as a postdoctoral researcher in the imec-DistriNet research lab at KU Leuven, Belgium. His research explores micro architectural security limitations along the hardware-software boundary, with a particular attention for privileged side-channel attacks in trusted execution environments. He obtained his PhD entitled “Microarchitectural Side-Channel Attacks for Privileged Software Adversaries” at KU Leuven in September 2020.