SoK: SGX.Fail: How Stuff Gets Exposed
S Van Schaik, A Seto, T Yurek, A Batori… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
Intel's Software Guard Extensions (SGX) promises an isolated execution environment,
protected from all software running on the machine. As such, numerous works have sought …
AEX-Notify: Thwarting Precise Single-Step Attacks through Interrupt Awareness for Intel SGX Enclaves
Intel® Software Guard Extensions (Intel® SGX) supports the creation of shielded enclaves
within unprivileged processes. While enclaves are architecturally protected against …
CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel
AMD's Secure Encrypted Virtualization (SEV) is a hardware extension available in AMD's
EPYC server processors to support confidential cloud computing. While various prior studies …
One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization
R Buhren, HN Jacob, T Krachenfels… - Proceedings of the 2021 …, 2021 - dl.acm.org
AMD Secure Encrypted Virtualization (SEV) offers protection mechanisms for virtual
machines in untrusted environments through memory and register encryption. To separate …
A systematic look at ciphertext side channels on AMD SEV-SNP
Hardware-assisted memory encryption offers strong confidentiality guarantees for trusted
execution environments like Intel SGX and AMD SEV. However, a recent study by Li et al …
SEVurity: No Security Without Integrity: Breaking Integrity-Free Memory Encryption with Minimal Assumptions
One reason for not adopting cloud services is the required trust in the cloud provider: As they
control the hypervisor, any data processed in the system is accessible to them. Full memory …
Intellectual Property Exposure: Subverting and Securing Intellectual Property Encapsulation in Texas Instruments Microcontrollers
In contrast to high-end computing platforms, specialized memory protection features in low-
end embedded devices remain relatively unexplored despite the ubiquity of these devices …
vSGX: virtualizing SGX enclaves on AMD SEV
The growing need of trusted execution environment (TEE) has boomed the development of
hardware enclaves. However, current TEEs and their applications are tightly bound to the …
Gramine-TDX: A Lightweight OS Kernel for Confidential VMs
While Confidential Virtual Machines (CVMs) have emerged as a prominent way for
hardware-assisted confidential computing, their primary usage is not suitable for small …
CrossLine: Breaking "Security-by-Crash" Based Memory Isolation in AMD SEV
AMD's Secure Encrypted Virtualization (SEV) is an emerging security feature of modern
AMD processors that allows virtual machines to run with encrypted memory and perform …