Memory Corruption Attacks Against Intel SGX - Invited Talk

Davi, Lucas
Name der Veranstaltung:
DC-Area Anonymity, Privacy, and Security Seminar
Washington D.C., USA


The Intel Software Guard Extensions (SGX) technology allows an application developer to isolate security-critical code and data inside a protected memory area called enclave. While most research has studied side-channel attacks against SGX this talk will investigate memory corruption attacks such as return-oriented programming in the context of SGX. We will demonstrate how an attacker can exploit the Intel SDK libraries to compromise enclaves and steal secret information. In addition we will investigate the host-to-enclave boundary and its susceptibility to memory corruption attacks.

Seminar Homepage: