Tutorial: Uncovering and Mitigating Side-Channel Leakage in Intel SGX Enclaves

Cited by: 0
Authors
Van Bulck, Jo [1]
Piessens, Frank [1]
Affiliations
[1] Katholieke Univ Leuven, imec DistriNet, Celestijnenlaan 200A, B-3001 Leuven, Belgium
Source
SECURITY, PRIVACY, AND APPLIED CRYPTOGRAPHY ENGINEERING, SPACE 2018 | 2018 / Vol. 11348
Funding
Research Foundation Flanders (Belgium);
Keywords
Side-channel; Enclave; SGX; Tutorial;
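DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract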
The inclusion of the Software Guard eXtensions (SGX) in recent Intel processors has been broadly acclaimed for bringing strong hardware-enforced trusted computing guarantees to mass consumer devices, and for protecting end user data in an untrusted cloud environment. While SGX assumes a very strong attacker model and indeed even safeguards enclave secrets against a compromised operating system, recent research has demonstrated that considerable private data (e.g., full text and images, complete cryptographic keys) may still be reconstructed by monitoring subtle side-effects of the enclaved execution. We argue that a systematic understanding of such side-channel leakage sources is essential for writing intrinsically secure enclave applications, and will be instrumental to the success of this new trusted execution technology. This tutorial and write-up therefore aims to bring a better understanding of current state-of-the-art side-channel attacks and defenses on Intel SGX platforms. Participants will learn how to extract data from elementary example applications, thereby recognizing how to avoid common pitfalls and information leakage sources in enclave development.
Pages: 5