SoK: SGX.Fail: How stuff gets eXposed

S Van Schaik, A Seto, T Yurek, A Batori… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
Intel's Software Guard Extensions (SGX) promises an isolated execution environment,
protected from all software running on the machine. As such, numerous works have sought …

Downfall: Exploiting speculative data gathering

D Moghimi - 32nd USENIX Security Symposium (USENIX Security …, 2023 - usenix.org
We introduce Downfall attacks, new transient execution attacks that undermine the security
of computers running everywhere across the internet. We exploit the gather instruction on …

AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX Enclaves

S Constable, J Van Bulck, X Cheng, Y Xiao… - 32nd USENIX Security …, 2023 - usenix.org
Intel® Software Guard Extensions (Intel® SGX) supports the creation of shielded enclaves
within unprivileged processes. While enclaves are architecturally protected against …

Privacy-Enhancing Technologies in Biomedical Data Science

H Cho, D Froelicher, N Dokmai, A Nandi… - Annual Review of …, 2024 - annualreviews.org
The rapidly growing scale and variety of biomedical data repositories raise important privacy
concerns. Conventional frameworks for collecting and sharing human subject data offer …

Evaluating the applicability of hardware trust anchors for automotive applications

C Plappert, D Lorych, M Eckel, L Jäger, A Fuchs… - Computers & …, 2023 - Elsevier
The automotive trend towards autonomous driving and advanced connected services
increases both complexity of the vehicle internal network and the connections to its …

SGXonerate: Finding (and Partially Fixing) Privacy Flaws in TEE-based Smart Contract Platforms Without Breaking the TEE

N Jean-Louis, Y Li, Y Ji, H Malvai, T Yurek… - Proceedings on …, 2024 - petsymposium.org
TEE-based smart contracts are an emerging blockchain architecture, offering fully
programmable privacy with better performance than alternatives like secure multiparty …

SWiSSSE: System-wide security for searchable symmetric encryption

Z Gui, KG Paterson, S Patranabis… - Proceedings on Privacy …, 2024 - petsymposium.org
This paper initiates a new direction in the design and analysis of searchable symmetric
encryption (SSE) schemes. We provide the first comprehensive security model and definition …

Scaling mobile private contact discovery to billions of users

L Hetz, T Schneider, C Weinert - European Symposium on Research in …, 2023 - Springer
Mobile contact discovery is a convenience feature of messengers such as WhatsApp or
Telegram that helps users to identify which of their existing contacts are registered with the …

MorFuzz: Fuzzing processor via runtime instruction morphing enhanced synchronizable co-simulation

J Xu, Y Liu, S He, H Lin, Y Zhou, C Wang - 32nd USENIX Security …, 2023 - usenix.org
Modern processors are too complex to be bug free. Recently, a few hardware fuzzing
techniques have shown promising results in verifying processor designs. However, due to …

Confidential Consortium Framework: Secure multiparty applications with confidentiality, integrity, and high availability

H Howard, F Alder, E Ashton, A Chamayou… - arXiv preprint arXiv …, 2023 - arxiv.org
Confidentiality, integrity protection, and high availability, abbreviated to CIA, are essential
properties for trustworthy data systems. The rise of cloud computing and the growing …