Fix the leak: Side-Channel Protection for SGX using Data Location Randomization presented at CYSEC 2020

by Alexandra Dmitrienko,


Summary : Hardware-assisted security architectures, such as Intel SGX, promise protection to security-sensitive applications from malicious software executed on the same platform, and even from the compromised operating system. Recent research, however, has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks, which can lead to a full compromise of SGX-protected secrets. In this talk, we revisit the problem of side-channel attacks on Intel SGX and present a pill -- Dr.SGX tool, that provides protection against cache-based side-channel attacks and attacks that rely on observation of induced page faults. Dr.SGX breaks the link between the memory observations by the adversary and the actual data accesses by the victim through data randomization and strikes the balance between side-channel protection and performance through continuous runtime enclave re-randomization and the re-randomization rate configurable through an adjustable security parameter. The tool is compiler-based and does not require any code annotations – thus, applicable by non-expert developers.