Technion researchers Assistant Professor Mark Silberstein of the Viterbi Faculty of Electrical Engineering, graduate student Marina Minkin from the Computer Science Department, and their colleagues abroad have broken through the Intel Software Guard Extension (SGX). SGX is Intel’s new, innovative security wall that protects the privacy and integrity of information and applications.
SGX is a revolutionary hardware technology that enables the creation of secure execution environments, called secure enclaves. Leading companies including Microsoft, IBM, and Google rely on SGX for a variety of applications. SGX is also available on all recent Intel processors and is broadly deployed in both personal computers and cloud computing services.
For instance, a company like Netflix might use SGX to ensure its customers watch movies only via Netflix’s video-streaming application to prevent illegal copies of streaming movies.
With SGX, Netflix servers can verify that the client application is invoked in a secure enclave that runs genuine Netflix software, and only then start transferring the movie. SGX will automatically encrypt all the information in the enclave’s memory with a unique hardware-protected key so it cannot be downloaded or manipulated in any other way.
But the attack developed by Technion researchers and their colleagues, dubbed Foreshadow, breaks these essential SGX security guarantees. Foreshadow exploits certain weaknesses in the existing mechanisms of Intel CPUs. This allows an attacker to expose private data and forge computations secured by SGX.
Researchers managed to read all information stored in the enclave — the information that the user assumes is confidential. Moreover, Foreshadow compromised the secure storage mechanisms, enabling the researchers to forge the programs running in the enclave.
The researchers reported Foreshadow to Intel. Further analysis into the causes of Foreshadow revealed that the same flaw enables a number of other devastating attacks that put the privacy of users at risk. Intel has already released patches to mitigate these risks.
Technion Researchers Hack into Ultra-Secure Controllers
Technion Researchers Discover “Severe” Bluetooth Communication Breach