Security Vulnerabilities of SGX and Countermeasures: A Survey
Loading...
Access rights
openAccess
URL
Journal Title
Journal ISSN
Volume Title
A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Other link related to publication (opens in new window)
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Other link related to publication (opens in new window)
Date
2021-07-13
Department
Department of Communications and Networking
Major/Subject
Mcode
Degree programme
Language
en
Pages
36
Series
ACM COMPUTING SURVEYS, Volume 54, issue 6
Abstract
Trusted Execution Environments (TEEs) have been widely used in many security-critical applications. The popularity of TEEs derives from its high security and trustworthiness supported by secure hardware. Intel Software Guard Extensions (SGX) is one of the most representative TEEs that creates an isolated environment on an untrusted operating system, thus providing run-time protection for the execution of security-critical code and data. However, Intel SGX is far from the acme of perfection. It has become a target of various attacks due to its security vulnerabilities. Researchers and practitioners have paid attention to the security vulnerabilities of SGX and investigated optimization solutions in real applications. Unfortunately, existing literature lacks a thorough review of security vulnerabilities of SGX and their countermeasures. In this article, we fill this gap. Specifically, we propose two sets of criteria for estimating security risks of existing attacks and evaluating defense effects brought by attack countermeasures. Furthermore, we propose a taxonomy of SGX security vulnerabilities and shed light on corresponding attack vectors. After that, we review published attacks and existing countermeasures, as well as evaluate them by employing our proposed criteria. At last, on the strength of our survey, we propose some open challenges and future directions in the research of SGX security.Description
Funding Information: This work was supported in part by the National Natural Science Foundation of China under Grant 62072351 and Grant 61802293; in part by the National Postdoctoral Program for Innovative Talents under Grant BX20180238; in part by the Project funded by China Postdoctoral Science Foundation under Grant 2018M633461; in part by the Academy of Finland under Grant 308087 and Grant 335262; in part by the Shaanxi Innovation Team Project under Grant 2018TD-007; and in part by the 111 Project under Grant B16037. Authors’ addresses: S. F. Fei, W. X. Ding, and H. M. Xie, The State Key Lab of ISN, School of Cyber Engineering, Xidian University, 266 Xinglong Section of Xifeng Road, Xi’an, Shaanxi 710126, China; emails: shufanfei@gmail.com, wxding@xidian.edu.cn, 752099702@qq.com; Z. Yan (corresponding author), The State Key Lab of ISN, School of Cyber Engineering, Xidian University, Xi’an, Shaanxi, China and Department of Communications and Networking, School of Electrical Engineering, Aalto University, Konemiehentie 2, P.O.Box 15400, Espoo 02150, Finland; emails: zyan@xidian.edu.cn, zheng.yan@aalto.fi. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. © 2021 Association for Computing Machinery. 0360-0300/2021/07-ART126 $15.00 https://doi.org/10.1145/3456631 Publisher Copyright: © 2021 ACM.
Keywords
security, side-channel attacks, Trusted execution environment, trustworthiness
Other note
Citation
Fei, S, Yan, Z, Ding, W & Xie, H 2021, ' Security Vulnerabilities of SGX and Countermeasures: A Survey ', ACM Computing Surveys, vol. 54, no. 6, 126 . https://doi.org/10.1145/3456631