{"id":13642047,"url":"https://github.com/lsds/spectre-attack-sgx","last_synced_at":"2025-04-02T20:18:02.694Z","repository":{"id":68536541,"uuid":"116539722","full_name":"lsds/spectre-attack-sgx","owner":"lsds","description":"Spectre attack against SGX enclave","archived":false,"fork":false,"pushed_at":"2018-01-14T19:47:10.000Z","size":18,"stargazers_count":230,"open_issues_count":1,"forks_count":47,"subscribers_count":26,"default_branch":"master","last_synced_at":"2024-11-09T13:36:47.225Z","etag":null,"topics":["attack","enclave","sgx","spectre","speculative-execution"],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lsds.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-01-07T05:18:28.000Z","updated_at":"2024-10-24T04:00:59.000Z","dependencies_parsed_at":"2023-07-27T10:15:09.095Z","dependency_job_id":null,"html_url":"https://github.com/lsds/spectre-attack-sgx","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lsds%2Fspectre-attack-sgx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lsds%2Fspectre-attack-sgx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lsds%2Fspectre-attack-sgx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lsds%2Fspectre-attack-sgx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lsds","download_url":"https://codeload.github.com/lsds/spectre-atta
ck-sgx/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246884767,"owners_count":20849554,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack","enclave","sgx","spectre","speculative-execution"],"created_at":"2024-08-02T01:01:26.818Z","updated_at":"2025-04-02T20:18:02.669Z","avatar_url":"https://github.com/lsds.png","language":"C","funding_links":[],"categories":["Attacks","Security"],"sub_categories":["Memory Protection"],"readme":"# spectre-attack-sgx\nSample code demonstrating a Spectre-like attack against an Intel SGX enclave.\n\n## Overview \nGiven our [ongoing research](https://lsds.doc.ic.ac.uk/projects/sereca) on\nIntel SGX here in the LSDS group at Imperial College London, a question that\noccurred to us immediately on first hearing of the recent Meltdown and Spectre\nattacks is *what are the security implications of speculative execution side\nchannels for Intel SGX enclaves*?\n\nThis repository contains a proof-of-concept attack (`SGXSpectre`) showing it is\nindeed possible to use a speculative execution side-channel to leak data from\nan Intel SGX enclave.   \n\n## Attack Outline\nThe attack is similar conceptually to the conditional branch misprediction\n[Spectre attack](https://spectreattack.com/spectre.pdf) of Kocher et al. The main\ndifference is that we move the secret data (`secret`) and the victim function\n(`victim_function`) and overflow array (`array1`) inside [the\nenclave](SGXSpectre/enclave/enclave_attack.c). 
 The\n[attacker](SGXSpectre/main/main.c) executes `victim_function` using an ecall,\npassing it the index `x` used to index into `array1`.\n\n## Code Layout\n* `SGXSpectre/main/main.c`: Contains the untrusted code to create the enclave and\nmount the SGXSpectre attack.\n* `SGXSpectre/enclave/enclave_attack.c`: Contains the enclave secret data\nand victim function.\n\n## Caveats\n* The attack requires that the `array1_size` variable (used to verify that `x`\nis within the bounds of `array1`) *not* be cached. For simplicity, our\nproof-of-concept currently stores `array1_size` outside the enclave, allowing\nthe attacker to flush it with a `clflush` instruction before each invocation of\nthe victim function. In reality this would be unsafe, since the bounds check\nshould not rely on a value stored in untrusted memory. However, the attack could\nbe adapted to keep `array1_size` inside the enclave by using an alternative\nmechanism to flush it before each invocation (e.g. loading other data whose\naddress coincides in the cache).\n\n* For simplicity, we keep the `array2` array, whose entries are probed by the\nattacker, outside the enclave. As mentioned in the [Spectre\npaper](https://spectreattack.com/spectre.pdf), a prime+probe attack could\nbe used to infer the accesses to `array2` if it is not accessible to the attacker\n(e.g. if it is moved inside the enclave).\n\n## How to run the code\n1. Install Intel(R) SGX SDK for Linux* OS\n2. Build the SGXSpectre project with the prepared Makefile:\n    * Hardware Mode:\n        $ make\n    * Simulation Mode:\n        $ make SGX_MODE=SIM\n3. Execute the binary directly:\n    $ ./sgxspectre\n4. 
Remember to \"make clean\" before switching build mode\n\n## Credits\nSGXSpectre is brought to you by Dan O'Keeffe, Divya Muthukumaran, Pierre-Louis\nAublin, Florian Kelbert, Christian Priebe, Josh Lind, Huanzhou Zhu and Peter Pietzuch.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flsds%2Fspectre-attack-sgx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flsds%2Fspectre-attack-sgx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flsds%2Fspectre-attack-sgx/lists"}