Proceedings of the Nineteenth International Conference on Computational Intelligence and Security (CIS 2023)
December 1 – 4, 2023, Haikou, China

Recover Secrets from an SGX Enclave with Horizontal Power Analysis

Kun Jiang, Qing Li and Jun Yu

Security Lab, Central Research Institute, Shanghai Fudan Microelectronics Group Co., Ltd, China.

ABSTRACT

Spectre and Meltdown, microarchitectural side-channel attack methods, are currently prominent areas of academic research. These methods have also been employed to extract sensitive information from trusted execution environments like SGX. We introduce an attack method that effectively recovers the RSA signing private key executed within an SGX enclave by maliciously exploiting the Intel RAPL mechanism. This process leverages the SGX-Step attack framework and the Horizontal Power consumption analysis method to recover a 1024-bit RSA private key. Experimental results demonstrate the effectiveness of this attack method, even against software implementations with protections like exponent randomization and modulus randomization.

Keywords: SGX, RSA, Intel RAPL, Power analysis, Speculative execution, Horizontal attack.
