Mitigating Branch-Shadowing Attacks on Intel SGX using Control Flow Randomization

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

Research units

  • University of Turku

Abstract

Intel Software Guard Extensions (SGX) is a promising hardware-based technology for protecting sensitive computation from potentially compromised system software. However, recent research has shown that SGX is vulnerable to branch-shadowing, a side-channel attack that leaks the fine-grained (branch granularity) control flow of an enclave (SGX-protected code), potentially revealing sensitive data to the attacker. The previously proposed defense mechanism, called Zigzagger, attempted to hide the control flow, but has been shown to be ineffective if the attacker can single-step through the enclave using the recent SGX-Step framework. Taking into account these stronger attacker capabilities, we propose a new defense against branch-shadowing, based on control flow randomization. Our scheme is inspired by Zigzagger, but provides quantifiable security guarantees with respect to a tunable security parameter. Specifically, we eliminate conditional branches and hide the targets of unconditional branches using a combination of compile-time modifications and run-time code randomization. We evaluated the performance of our approach using ten benchmarks from SGX-Nbench. Although we considered the worst-case scenario (whole program instrumentation), our results show that, on average, our approach results in less than 18% performance loss and less than 1.2 times code size increase.

Details

Original language: English
Title of host publication: SysTEX '18
Subtitle of host publication: Proceedings of the 3rd Workshop on System Software for Trusted Execution
Publication status: Published - 15 Oct 2018
MoE publication type: A4 Article in a conference publication
Event: Workshop on System Software for Trusted Execution - Toronto, Canada
Duration: 15 Oct 2018 - 15 Oct 2018
Conference number: 3
https://www.sigsac.org/ccs/CCS2018/systex/

Workshop

Workshop: Workshop on System Software for Trusted Execution
Country: Canada
City: Toronto
Period: 15/10/2018 - 15/10/2018

ID: 29117757