Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend

Thu 18Nov2021

Ivan Puddu, ETH Zürich

From 12.30 until 14.00

At CNB/F/110 (Lunch) + CAB G 52 (Seminar), ETH Zurich

CNB/F/110 (Lunch) + CAB G 52 (Seminar), ETH Zurich


In this talk I’ll present the Frontal attack, a new timing side-channel attack on Intel CPU processors. Our attack exploits timing differences that arise from how the CPU frontend fetches and processes instructions while being interrupted. In particular, we observe that in modern Intel CPUs, some instructions’ execution times will depend on which operations precede and succeed them, and on their virtual addresses. Unlike previous attacks that could only profile branches if they contained different code or had known branch targets, the Frontal attack allows the adversary to distinguish between instruction-wise identical branches. As the attack requires OS capabilities to set the interrupts, we use it to exploit SGX enclaves.
Our attack further demonstrates that secret-dependent branches should not be used even alongside defenses to current controlled-channel attacks. We show that the adversary can use the Frontal attack to extract a secret from an SGX enclave if that secret was used as a branching condition for two instruction-wise identical branches. We successfully tested the attack on all the available Intel CPUs with SGX (until 10th gen) and used it to leak information from two commonly used cryptographic libraries.

Join us in CNB/F/110 (Lunch) + CAB G 52 (Seminar). Don't forget to bring Covid certificates + ID! 

Download Event to Calendar