Shirt a Phobia

Intel SGX is a set of new instructions from Intel that allows user-level code to allocate private regions of memory, called enclaves, that unlike normal process memory is also protected from processes running at higher privilege levels.^[1]

Support for SGX in the CPU is indicated in CPUID “Structured Extended feature Leaf”, EBX bit 02,^[2] but its availability to applications requires BIOS support and opt-in enabling which is not reflected in CPUID bits. This complicates the feature detection logic for applications.^[3]

Emulation of SGX was added to experimental version of the QEMU system emulator in 2014.^[4] In 2015, researchers at the Georgia Institute of Technology released an open-source simulator known as OpenSGX.^[5]

It was introduced in 2015 with the sixth generation Intel Core microprocessors based on the Skylake microarchitecture.

The introduction of SGX has a large impact on the security industry.^{[citation needed]} It shifts how security is being achieved and lowers the attack surface area of projects. One example of SGX used in security was a demo application from wolfSSL ^[6] using it for cryptography algorithms. One example of a secure service built using SGX is Fortanix‘s key management service.^[7] This entire cloud based service is built using SGX servers and designed to provide privacy from cloud provider. An additional example is Numecent using SGX to protect the DRM that is used to authorize application execution with their Cloudpaging application delivery products.^[8]

Flaws

Prime+Probe attack

On 27 March 2017 researches at Austria’s Graz University of Technology developed a proof-of-concept that can grab RSA keys from SGX enclaves running on the same system within five minutes by using certain CPU instructions in lieu of a fine-grained timer to exploit cache DRAM side-channels.^[9]^[10]

References

^ “Intel® SGX for Dummies (Intel® SGX Design Objectives)”. intel.com. 2013-09-26.
^ Intel Architecture Instruction Set Extensions Programming Reference, Intel, AUGUST 2015, page 36 “Structured Extended feature Leaf EAX=07h, EBX Bit 02: SGX”
^ “Properly Detecting Intel® Software Guard Extensions in Your Applications”. intel.com. 2016-05-13.
^ https://tc.gtisc.gatech.edu/bss/2014/l/final/pjain43.pdf
^ “sslab-gatech/opensgx”. GitHub. Retrieved 2016-08-15.
^ “wolfSSL At IDF”. wolfssl. 2016-08-11.
^ “Fortanix Intel SGX Based Key Management”. 2017-02-26.
^ “Numecent Cloudpaging at Intel IDF”. numecent.com. 2016-08-16.
^ Chirgwin, Richard (March 7, 2017). “Boffins show Intel’s SGX can leak crypto keys”. The Register. Retrieved 1 May 2017.
^ Schwarz, Michael; Weiser, Samuel; Gruss, Daniel; Maurice, Clémentine; Mangard, Stefan (March 1, 2017). “Malware Guard Extension: Using SGX to Conceal Cache Attacks”. Graz University of Technology. Retrieved 1 May 2017.

External links

Intel Software Guard Extensions (Intel SGX) / ISA Extensions, Intel
- Intel Software Guard Extensions (Intel SGX) Programming Reference, Intel, October 2014
- IDF 2015 – Tech Chat: A Primer on Intel® Software Guard Extensions, Intel (poster)
- ISCA 2015 tutorial slides for Intel SGX, Intel, June 2015
McKeen, Frank, et al. (Intel), Innovative Instructions and Software Model for Isolated Execution // Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. ACM, 2013.
Joanna Rutkowska, Thoughts on Intel’s upcoming Software Guard Extensions (Part 1), August 2013
SGX: the good, the bad and the downright ugly / Shaun Davenport, Richard Ford (Florida Institute of Technology) / Virus Bulletin, 2014-01-07
Victor Costan and Srinivas Devadas, Intel SGX Explained, January 2016.
wolfSSL, October 2016.

Intel

Subsidiaries	3Dlabs Altera Comneon Intel Security Mobileye Recon Instruments Virtutech Wind River Systems 4Group Holdings (50% owned by Technicolor SA)

Products	Intel AZ210 3D XPoint Accounts & SSO Amplify Tablet Advanced Programmable Interrupt Controller Cache Acceleration Software Client Initiated Remote Access Direct Media Interface Flexible Display Interface Hella Zippy Intel 1103 Intel Display Power Saving Technology Intel Modular Server System Intel Reader Intel SPSH4 Intel System Development Kit Intel Upgrade Service Intel740 InTru3D IXP1200 OFono Performance acceleration technology Shooting Star Smart Cache Stable Image Platform Virtual 8086 mode WiDi X25-M X86 Intel Clear Video Intel Quick Sync Video

Litigation	Advanced Micro Devices, Inc. v. Intel Corp. High-Tech Employee Antitrust Litigation Intel Corp. v. Advanced Micro Devices, Inc. Intel Corp. v. Hamidi Intel Corporation Inc. v CPM United Kingdom Ltd Silvaco Data Systems v. Intel Corp.

People	Gordon Moore Robert Noyce

Related	Intel Foundation Achievement Award Apple’s transition to Intel processors Intel Architecture Labs ASCI Red BiiN Classmate PC Convera Corporation Copy Exactly! Cornell Cup USA Intel Developer Forum Dynamic video memory technology Intel Extreme Masters List of Intel microprocessors List of Intel graphics processing units (2013 or earlier) I/O Acceleration Technology IA-32 Execution Layer IM Flash Technologies The Innovators Inside Inside Films Intel ADX Intel Capital Intel Cluster Ready Intel Compute Stick Intel Ireland Intel Mobile Communications Intel Outstanding Researcher Award Intel SHA extensions Intel Teach List of semiconductor fabrication plants List of Intel manufacturing sites Intel Museum OnCue Intel PRO/Wireless Intel International Science and Engineering Fair Regeneron Science Talent Search Simple Firmware Interface Single-chip Cloud Computer Software Guard Extensions Supervisor Mode Access Prevention Tarari Intel Technology Journal Intel Tera-Scale Timeline of Intel Xircom

CPU technologies

Architecture	Turing machine Post–Turing machine Universal Turing machine Quantum Turing machine Belt machine Stack machine Register machine Counter machine Pointer machine Random access machine Random access stored program machine Finite-state machine Queue automaton Von Neumann Harvard (Modified) Dataflow TTA Cellular Artificial neural network Machine learning Deep learning Convolutional neural network Load/store architecture Register memory architecture Register register architecture Endianness FIFO Zero-copy NUMA HUMA HSA Heterogeneous computing Parallel computing Amorphous computing Reconfigurable computing Cognitive computing DNA computing Peptide computing Chemical computing Organic computing Wetware computer Quantum computing Optical computing Reversible computing Unconventional computing Hypercomputation Ternary computer Symmetric multiprocessing (SMP) Asymmetric multiprocessing (AMP) Cache hierarchy Memory hierarchy

Instruction set	ASIP CISC RISC EDGE (TRIPS) VLIW (EPIC) MISC OISC NISC ZISC Comparison

Instruction Set Architecture (ISA)	x86 z/Architecture ARM MIPS Power Architecture (PowerPC) SPARC VISC Mill Itanium (IA-64) Alpha Prism SuperH Clipper VAX Unicore PA-RISC MicroBlaze

Word size	1-bit 4-bit 8-bit 9-bit 10-bit 12-bit 15-bit 16-bit 18-bit 22-bit 24-bit 25-bit 26-bit 27-bit 31-bit 32-bit 33-bit 34-bit 36-bit 39-bit 40-bit 48-bit 50-bit 60-bit 64-bit 128-bit 256-bit 512-bit Variable

Execution	Instruction pipelining Bubble Operand forwarding Out-of-order execution Register renaming Speculative execution Branch predictor Memory dependence prediction Hazards

Parallel level	Bit Bit-serial Word Instruction Pipelining Scalar Superscalar Task Thread Process Data Vector Memory

Multithreading	Temporal Simultaneous (SMT) (Hyper-threading) Speculative (SpMT) Preemptive Cooperative Clustered Multi-Thread (CMT) Hardware scout

Flynn’s taxonomy	SISD SIMD(SWAR) SIMT MISD MIMD SPMD Addressing mode

CPU performance	Instructions per second (IPS) Instructions per clock (IPC) Cycles per instruction (CPI) Floating-point operations per second (FLOPS) Transactions per second (TPS) SUPS Performance per watt Orders of magnitude (computing) Cache performance measurement and metric

Core count	Single-core processor Multi-core processor Manycore processor

Types	Central processing unit (CPU) GPGPU AI accelerator Vision processing unit (VPU) Vector processor Barrel processor Stream processor Digital signal processor (DSP) I/O processor/DMA controller Network processor Baseband processor Physics processing unit (PPU) Coprocessor Secure cryptoprocessor ASIC FPGA FPOA CPLD Microcontroller Microprocessor Mobile processor Notebook processor Ultra-low-voltage processor Multi-core processor Manycore processor Tile processor Multi-chip module (MCM) Chip stack multi-chip modules System on a chip (SoC) Network on a chip (NoC) Multiprocessor system-on-chip (MPSoC) Programmable System-on-Chip (PSoC)

Components	Execution unit (EU) Arithmetic logic unit (ALU) Address generation unit (AGU) Floating-point unit (FPU) Load-store unit (LSU) Fixed-point unit (FXU) Vector unit (VU) Branch predictor Branch execution unit (BEU) Instruction Decoder Instruction Scheduler Instruction Fetch Unit Instruction Dispatch Unit Instruction Sequencing Unit Unified Reservation Station Barrel shifter Uncore Sum addressed decoder (SAD) Front-side bus Back-side bus Northbridge (computing) Southbridge (computing) Adder (electronics) Binary multiplier Binary decoder Address decoder Multiplexer Demultiplexer Registers Cache Memory management unit (MMU) Input–output memory management unit (IOMMU) Integrated Memory Controller (IMC) Power Management Unit (PMU) Translation lookaside buffer (TLB) Stack engine Register file Processor register Hardware register Memory buffer register (MBR) Program counter Microcode ROM Datapath Control unit Instruction unit Re-order buffer Data buffer Write buffer Coprocessor Electronic switch Electronic circuit Integrated circuit Three-dimensional integrated circuit Boolean circuit Digital circuit Analog circuit Mixed-signal integrated circuit Power management integrated circuit Quantum circuit Logic gate Combinational logic Sequential logic Emitter-coupled logic (ECL) Transistor–transistor logic (TTL) Glue logic Quantum gate Gate array Counter (digital) Bus (computing) Semiconductor device Clock rate CPU multiplier

Power management	APM ACPI Dynamic frequency scaling Dynamic voltage scaling Clock gating

Hardware security	Non-executable memory (NX bit) Bounds checking (Intel MPX) Intel Secure Key Hardware restriction (firmware) Software Guard Extensions (Intel SGX) Trusted Execution Technology OmniShield Trusted Platform Module (TPM) Secure cryptoprocessor Hardware security module Hengzhi chip

Instruction set extensions

SIMD (RISC)	DEC Alpha MVI ARM NEON MIPS MDMX MIPS-3D MXU MIPS SIMD PA-RISC MAX Power Architecture AltiVec SPARC VIS

SIMD (x86)	MMX (1996) 3DNow! (1998) SSE (1999) SSE2 (2001) SSE3 (2004) SSSE3 (2006) SSE4 (2006) SSE5 ~~(2007)~~ AVX (2008) F16C (2009) XOP (2009) FMA (FMA4: 2011, FMA3: 2012) AVX2 (2013) AVX-512 (2015)

Bit manipulation	BMI (ABM: 2007, BMI1: 2012, BMI2: 2013, TBM: 2012) ADX (2014)

Code density	Thumb MIPS16e ASE

Security and Cryptography	AES-NI (2008); 32- and 64-bit ARMv8 also has AES instructions CLMUL (2010) RdRand (2012) SHA (2013) MPX (2015) SGX (2015)

Transactional memory	TSX (2013) ASF

Virtualization	VT-x (2005) AMD-V (2006)

Suspended extensions’ dates have been ~~struck through~~.

Sample Page

Flaws

Prime+Probe attack

References

External links