https://github.com/sslab-gatech/sgx-bomb

https://github.com/sslab-gatech/sgx-bomb

Last synced: 5 days ago
JSON representation

• Host: GitHub
• URL: https://github.com/sslab-gatech/sgx-bomb
• Owner: sslab-gatech
• Created: 2018-09-01T06:44:31.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2018-09-01T07:30:39.000Z (over 6 years ago)
• Last Synced: 2025-02-15T10:45:51.920Z (about 2 months ago)
• Language: Makefile
• Size: 52.7 KB
• Stars: 16
• Watchers: 18
• Forks: 4
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• Awesome-SGX-Open-Source - https://github.com/sslab-gatech/sgx-bomb

README

        
# The SGX-Bomb attack

*SGX-Bomb* launches the Rowhammer attack 

against enclave memory to trigger the processor lockdown. 

If arbitrary bit flips have occurred inside the

enclave because of the Rowhammer attack, any read attempts to

the enclave memory results in a failure of integrity check so that

the processor will be locked, and the system should be rebooted.

This repository contains proof-of-concept code snippets 

of the SGX-bomb attack, including

 1. A kernel module to retrieve physical addresses of the enclave pages

 2. An enclave program to launch SGX-bomb attack 

# Evaluation

We evaluated the effectiveness of the SGX-Bomb attack 

in a real environment with DDR4 DRAM;

it takes 283 s to hang the entire system 

with the default DRAM refresh rate, 64 ms.

*Kernel version*: 4.15.0-33-generic

*Intel SGX-SDK* : [SGX-2.2 ](https://github.com/intel/linux-sgx/commit/b0cc03a8184949cac76880449190d56dfb717cba)

 

## More details

* Paper (**SysTEX 2017**):

  https://taesoo.kim/pubs/2017/jang:sgx-bomb.pdf 

* Slides: https://taesoo.kim/pubs/2017/jang:sgx-bomb-slides.pdf

## Contributors

* [Yeongjin Jang]

* Jaehyuk Lee

* [Sangho Lee]

* [Taesoo Kim]

[Yeongjin Jang]: 

[Sangho Lee]: 

[Taesoo Kim]: