论文信息 - Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow

Breaking Virtual Memory Protection and the SGX Ecosystem with Foreshadow

Foreshadow is a speculative execution attack that allows adversaries to subvert the security guarantees of Intel's Software Guard eXtensions (SGX). Foreshadow allows access to data across process boundaries, and allows virtual machines (VMs) to read the physical memory belonging to other VMs or the hypervisor.

[1] Thomas F. Wenisch,et al. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution , 2018, USENIX Security Symposium.

[2] Marcus Peinado,et al. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems , 2015, 2015 IEEE Symposium on Security and Privacy.

[3] Shay Gueron,et al. Memory Encryption for General-Purpose Processors , 2016, IEEE Security & Privacy.

[4] Thomas F. Wenisch,et al. Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution , 2018 .

[5] Carlos V. Rozas,et al. Innovative instructions and software model for isolated execution , 2013, HASP '13.

[6] Yuval Yarom,et al. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.

[7] Michael Hamburg,et al. Spectre Attacks: Exploiting Speculative Execution , 2018, 2019 IEEE Symposium on Security and Privacy (SP).

[8] Michael Hamburg,et al. Meltdown: Reading Kernel Memory from User Space , 2018, USENIX Security Symposium.