{AEX-Notify}: Thwarting Precise {Single-Stepping} Attacks through Interrupt Awareness for Intel {SGX} Enclaves
… : enclaves can register a trusted handler to be run after an … instructions from malicious
singlestepping or zero-stepping (eg, … C-States and SpeedStep technology, we conclude that privi…
singlestepping or zero-stepping (eg, … C-States and SpeedStep technology, we conclude that privi…
TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX
L Wilke, F Sieck, T Eisenbarth - Proceedings of the 2024 on ACM …, 2024 - dl.acm.org
… for solving the data privacy and trust issues introduced by cloud … of zero-stepping attack
primitives on TDX out of scope. … tentially malicious interrupt pattern (4 and 5), the single-stepping …
primitives on TDX out of scope. … tentially malicious interrupt pattern (4 and 5), the single-stepping …
[PDF][PDF] SGX-Step: An Open-Source Framework for Precise Dissection and Practical Exploitation of Intel SGX Enclaves
J Van Bulck, F Piessens - 39th Annual Computer Security …, 2023 - lirias.kuleuven.be
… that now properly account for single-stepping adversaries. Highlighting its continued …
Techniques and technologies to address malicious single-stepping and zerostepping of trusted …
Techniques and technologies to address malicious single-stepping and zerostepping of trusted …
How trusted execution environments fuel research on microarchitectural attacks
… set is determined by the physical address, a malicious OS can easily monitor a cache set for
… (single stepping) or even transiently execute one instruction arbitrarily often (zero stepping).…
… (single stepping) or even transiently execute one instruction arbitrarily often (zero stepping).…
Powspectre: Powering up speculation attacks with tsx-based replay
… , integrating hardware-based trusted execution environments (… in all successful zero-stepping
samples. Conversely, failed … this feature can be maliciously manipulated to construct highly …
samples. Conversely, failed … this feature can be maliciously manipulated to construct highly …
Foreshadow: Extracting the keys to the intel {SGX} kingdom with transient {Out-of-Order} execution
… Figure 3 shows how our malicious kernel driver establishes an … We abuse such zero-stepping
as an unlimited prefetch … to the single-stepping or eldu prefetching root-only techniques of …
as an unlimited prefetch … to the single-stepping or eldu prefetching root-only techniques of …
[PDF][PDF] CacheWarp: Software-based fault injection using selective state reset
… Even without single stepping, we achieve a success rate of … a privileged attacker, ie, a
malicious hypervisor for AMD SEV. … We introduced a robust single- and zero-stepping framework …
malicious hypervisor for AMD SEV. … We introduced a robust single- and zero-stepping framework …
PLATYPUS: Software-based power side-channel attacks on x86
… may be compromised and behave maliciously. An application using … single-stepping
as described above and then sample the instruction an arbitrary number of times with zero-stepping. …
as described above and then sample the instruction an arbitrary number of times with zero-stepping. …
TeeJam: Sub-Cache-Line Leakages Strike Back
… The malicious OS scenario has enabled the development of … Many workloads today are
executed in trusted execution … excessive zero-stepping or very high single-stepping times …
executed in trusted execution … excessive zero-stepping or very high single-stepping times …
Avoiding, Preventing, and Mitigating CPU-Based Side Channel Attacks: A Best Practice Guide
TP Harris - 2022 - search.proquest.com
… predictors, preventing malicious code from affecting the branch … is a competent IT/technology
specialist who is capable of … run, before the single-stepping adversary configures the APIC …
specialist who is capable of … run, before the single-stepping adversary configures the APIC …