18 research outputs found

    AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves

    Intel’s Software Guard Extensions (SGX) provide a new hardware-based trusted execution environment on Intel CPUs using secure enclaves that are resilient to accesses by privileged code and physical attackers. Originally designed for securing small services, SGX bears promise to protect complex, possibly cloud-hosted, legacy applications. In this paper, we show that previously considered harmless synchronisation bugs can turn into severe security vulnerabilities when using SGX. By exploiting use-after-free and time-of-check-to-time-of-use (TOCTTOU) bugs in enclave code, an attacker can hijack its control flow or bypass access control. We present AsyncShock, a tool for exploiting synchronisation bugs of multithreaded code running under SGX. AsyncShock achieves this by only manipulating the scheduling of threads that are used to execute enclave code. It allows an attacker to interrupt threads by forcing segmentation faults on enclave pages. Our evaluation using two types of Intel Skylake CPUs shows that AsyncShock can reliably exploit use-after-free and TOCTTOU bugs

    Modern Family: A Revocable Hybrid Encryption Scheme Based on Attribute-Based Encryption, Symmetric Searchable Encryption and SGX

    Secure cloud storage is considered as one of the most important issues that both businesses and end-users take into account before moving their private data to the cloud. Lately, we have seen some interesting approaches that are based either on the promising concept of Symmetric Searchable Encryption (SSE) or on the well-studied field of Attribute-Based Encryption (ABE). In the first case, researchers are trying to design protocols where users' data will be protected from both internal and external attacks without paying the necessary attention to the problem of user revocation. In the second case, existing approaches address the problem of revocation. However, the overall efficiency of these systems is compromised since the proposed protocols are solely based on ABE schemes and the size of the produced ciphertexts and the time required to decrypt grows with the complexity of the access formula. In this paper, we propose a hybrid encryption scheme that combines both SSE and ABE by utilizing the advantages of both these techniques. In contrast to many approaches, we design a revocation mechanism that is completely separated from the ABE scheme and solely based on the functionality offered by SGX

    CacheZoom: How SGX Amplifies The Power of Cache Attacks

    In modern computing environments, hardware resources are commonly shared, and parallel computation is widely used. Parallel tasks can cause privacy and security problems if proper isolation is not enforced. Intel proposed SGX to create a trusted execution environment within the processor. SGX relies on the hardware, and claims runtime protection even if the OS and other software components are malicious. However, SGX disregards side-channel attacks. We introduce a powerful cache side-channel attack that provides system adversaries a high resolution channel. Our attack tool named CacheZoom is able to virtually track all memory accesses of SGX enclaves with high spatial and temporal precision. As proof of concept, we demonstrate AES key recovery attacks on commonly used implementations including those that were believed to be resistant in previous scenarios. Our results show that SGX cannot protect critical data sensitive computations, and efficient AES key recovery is possible in a practical environment. In contrast to previous works which require hundreds of measurements, this is the first cache side-channel attack on a real system that can recover AES keys with a minimal number of measurements. We can successfully recover AES keys from T-Table based implementations with as few as ten measurements. Comment: Accepted at Conference on Cryptographic Hardware and Embedded Systems (CHES '17)

    SecureKeeper: Confidential ZooKeeper using Intel SGX

    Cloud computing, while ubiquitous, still suffers from trust issues, especially for applications managing sensitive data. Third-party coordination services such as ZooKeeper and Consul are fundamental building blocks for cloud applications, but are exposed to potentially sensitive application data. Recently, hardware trust mechanisms such as Intel's Software Guard Extensions (SGX) offer trusted execution environments to shield application data from untrusted software, including the privileged Operating System (OS) and hypervisors. Such hardware support suggests new options for securing third-party coordination services. We describe SecureKeeper, an enhanced version of the ZooKeeper coordination service that uses SGX to preserve the confidentiality and basic integrity of ZooKeeper-managed data. SecureKeeper uses multiple small enclaves to ensure that (i) user-provided data in ZooKeeper is always kept encrypted while not residing inside an enclave, and (ii) essential processing steps that demand plaintext access can still be performed securely. SecureKeeper limits the required changes to the ZooKeeper code base and relies on Java's native code support for accessing enclaves. With an overhead of 11%, the performance of SecureKeeper with SGX is comparable to ZooKeeper with secure communication, while providing much stronger security guarantees with a minimal trusted code base of a few thousand lines of code

    Data Oblivious Genome Variants Search on Intel SGX

    We show how to build a practical, private data oblivious genome variants search using Intel SGX. More precisely, we consider the problem posed in Track 2 of the iDash Privacy and Security Workshop 2017 competition, which was to search for variants with high $\chi^{2}$ statistic among certain genetic data over two populations. The winning solution of this iDash competition (developed by Carpov and Tortech) is extremely efficient, but not memory oblivious, which potentially made it vulnerable to a whole host of memory- and cache-based side channel attacks on SGX. In this paper, we adapt a framework in which we can exactly quantify this leakage. We provide a memory oblivious implementation with reasonable information leakage at the cost of some efficiency. Our solution is roughly an order of magnitude slower than the non-memory oblivious implementation, but still practical and much more efficient than naive memory-oblivious solutions--it solves the iDash problem in approximately 5 minutes. In order to do this, we develop novel definitions and models for oblivious dictionary merging, which may be of independent theoretical interest

    Gastrointestinal decontamination in the acutely poisoned patient

    Objective: To define the role of gastrointestinal (GI) decontamination of the poisoned patient. Data sources: A computer-based PubMed/MEDLINE search of the literature on GI decontamination in the poisoned patient with cross referencing of sources. Study selection and data extraction: Clinical, animal and in vitro studies were reviewed for clinical relevance to GI decontamination of the poisoned patient. Data synthesis: The literature suggests that previously, widely used, aggressive approaches including the use of ipecac syrup, gastric lavage, and cathartics are now rarely recommended. Whole bowel irrigation is still often recommended for slow-release drugs, metals, and patients who "pack" or "stuff" foreign bodies filled with drugs of abuse, but with little quality data to support it. Activated charcoal (AC), single or multiple doses, was also a previous mainstay of GI decontamination, but the utility of AC is now recognized to be limited and more time dependent than previously practiced. These recommendations have resulted in several treatment guidelines that are mostly based on retrospective analysis, animal studies or small case series, and rarely based on randomized clinical trials. Conclusions: The current literature supports limited use of GI decontamination of the poisoned patient

    Dynamics of glucose metabolism after kidney transplantation.

    Background/Aims: Posttransplantation diabetes mellitus (PTDM) impacts patient and allograft survival after kidney transplantation. Prediabetes, which is an independent risk factor for PTDM, is modifiable also in a post-transplant setting. Understanding the risks and dynamics of impaired glucose metabolism after transplantation is a key component for targeted intervention. Methods: A retrospective chart analysis of all adult non-diabetic renal allograft recipients (n=251, 2007-2014) was performed. Longitudinal follow-up included fasting plasma glucose and HbA1c, as well as data on allograft function and immunosuppression at consecutive time points (months 3-6 to >5 years post transplantation). Results: Throughout follow-up, median prevalence of prediabetes and PTDM was 53.3 [52.4-55.7]% and 15.4 [15.0-16.5]%, respectively. Continuously high fluxes between states of glucose metabolism, with individual patients' state deteriorating or improving over time, resulted in a high number of incident patients even long after transplantation. The greatest number of patients shifted between normal glucose tolerance and prediabetes, followed by those between prediabetes and PTDM. Conclusion: Prediabetes and PTDM are highly prevalent after kidney transplantation and incidences remain relevant throughout follow-up. Patient fluxes into and out of the prediabetic state show that glucose metabolism is highly dynamic after transplantation. This provides a continuous opportunity for intervention in an aim to reduce diabetes-associated complications