back

Ramming Enclave Gates: A Systematic Vulnerability Assessment of TEE Shielding Runtimes

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:45:33
Language
English
Abstract
This talk presents an extensive security analysis of trusted-execution environment shielding runtimes, covering over two years of continuing research and leading to 7 CVE designations in industry-grade Intel SGX enclave SDKs.

For the first time, we develop a systematic way of reasoning about enclave shielding responsibilities categorized across 11 distinct classes across the ABI and API tiers. Our analysis revealed over 40 new interface sanitization vulnerabilities, and we developed innovative techniques to aid practically exploitation through among others CPU register poisoning, timer-based single-stepping, rogue CPU exception handlers, and side-channel-based cryptanalysis. We finally analyze tendencies across the landscape and find that developers continue to make the same mistakes, calling for improved vulnerability detection and mitigation techniques.

This talk overviews the security and state of practice of today's Trusted Execution Environment (TEE) shielding runtimes from both industry and research. Our systematic analysis uncovered over 40 re-occurring enclave interface sanitization vulnerabilities in 8 major open-source shielding frameworks for Intel SGX, RISC-V, and Sancus TEEs. The resulting vulnerability landscape enables attackers to poison victim programs through both low-level CPU state, including previously overlooked attack vectors through the x86 status flags and floating-point co-processor, as well as through higher-level programming constructs such as untrusted pointer arguments passed into the shared address
space.

We develop new and improved technique to practically exploit these vulnerabilities in several attack scenarios that leak full cryptographic keys from the enclave or enable arbitrary remote code reuse. Following extended responsible disclosure embargoes, our findings were assigned 7 designated CVE records and led to numerous security patches in the vulnerable open-source projects, including the Intel SGX-SDK, Microsoft's Open Enclave, Google's Asylo, and the Rust compiler.

Our findings highlight that emerging TEE technologies, such as Intel SGX, are _not_ a silver-bullet solution and continue to be misunderstood in both industry and academia. While promising, we explain that TEEs require extra scrutiny from the enclave developer and we set out to identify common pitfalls and constructive recommendations for best practices for enclave interface sanitization. Throughout the talk, we overview shielding responsibilities and argue that proper enclave hygiene will be instrumental to the success of the emerging Intel SGX ecosystem. Additionally, we point to several subtle properties of the Intel x86 complex instruction set considerably increase the attack surface for enclave attackers and require the end developer to be aware of their respective shielding runtime or apply additional sanitizations at the application level itself.

Talk ID
11366
Event:
rc3
Day
3
Room
rC1
Start
1 p.m.
Duration
00:40:00
Track
IT-Security
Type of
lecture
Speaker
Jo Van Bulck
Fritz Alder
Talk Slug & media link
rc3-11366-ramming_enclave_gates_a_systematic_vulnerability_assessment_of_tee_shielding_runtimes

Talk & Speaker speed statistics

Very rough underestimation:
152.4 wpm
830.8 spm
48.5% Checking done48.5%
51.5% Syncing done51.5%
0.0% Transcribing done0.0%
0.0% Nothing done yet0.0%
  
100.0% Checking done100.0%
0.0% Nothing done yet0.0%
  

Work on this video on Amara!

English: Quality control done until

Last revision: 4 weeks ago

Talk & Speaker speed statistics with word clouds

Whole talk:
152.4 wpm
830.8 spm