In a research paper published at the end of February, a team of five scientists from the Graz University of Technology described a novel method of leaking data from SGX enclaves, a secure environment created by Intel CPUs in which each process can store sensitive information such as encryption keys and passwords.
Starting with the Skylake line, Intel introduced a new hardware extension called SGX (Software Guard Extensions) that isolates the CPU memory at the hardware level, creating safe spaces where applications can store information that only they can write or read.
Attack targets Intel SGX enclaves
These isolated memory fields are called enclaves and are used by both regular computers and by cloud servers.
On regular PCs, enclaves store sensitive information from each process, separating the data from the operating system's reach. On cloud servers, where multiple customers share the same machine, enclaves are crucial elements used by hypervisors, the software that creates and runs the different virtual machines for each customer.
Because of this memory separation, and because the data stored in enclaves is also encrypted to safeguard against hardware-level attackers, Intel recommended right after SGX's introduction that software developers store encryption keys in SGX enclaves, as there's no safer place to store such information.
Researchers create enclave malware
......