The Real Menace of Cloning Attacks on SGX Applications
By: Annika Wilde, Samira Briongos, Claudio Soriente and more
Potential Business Impact:
Protects secret computer code from being copied.
Trusted Execution Environments (TEEs) are gaining popularity as an effective means to provide confidentiality in the cloud. TEEs, such as Intel SGX, suffer from so-called rollback and cloning attacks (often referred to as forking attacks). Rollback attacks are enabled by the lack of freshness guarantees for sealed data; cloning attacks stem from the inability to determine if other instances of an enclave are running on the same platform. While rollback attacks have been extensively studied by the community, cloning attacks have been, unfortunately, less investigated. To address this gap, we extensively study and thoroughly analyze the susceptibility of 72 SGX-based proposals to cloning attacks. Our results show that roughly 20% of the analyzed proposals are insecure against cloning attacks, including those applications that rely on monotonic counters and are, therefore, secure against rollback attacks.
Similar Papers
Confidential Computing for Cloud Security: Exploring Hardware based Encryption Using Trusted Execution Environments
Cryptography and Security
Keeps your private computer information safe.
What You Trust Is Insecure: Demystifying How Developers (Mis)Use Trusted Execution Environments in Practice
Software Engineering
Makes secret computer code safer from hackers.