CISPA
Browse
cispa_all_3575.pdf (275.18 kB)

Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks

Download (275.18 kB)
conference contribution
posted on 2023-11-29, 18:19 authored by Andreas Kogler, Daniel Gruss, Michael SchwarzMichael Schwarz
Modern CPUs adapt clock frequencies and voltage levels to workloads to reduce energy consumption and heat dissipation. This mechanism, dynamic voltage and frequency scaling (DVFS), is controlled from privileged software but affects all execution modes, including SGX. Prior work showed that manipulating voltage or frequency can fault instructions and thereby subvert SGX enclaves. Consequently, Intel disabled the overclocking mailbox (OCM) required for software undervolting, also preventing benign use for energy saving. In this paper, we propose Minefield, the first software-level defense against DVFS attacks. The idea of Minefield is not to prevent DVFS faults but to deflect faults to trap instructions and handle them before they lead to harmful behavior. As groundwork for Minefield, we systematically analyze DVFS attacks and observe a timing gap of at least 57.8 us between every OCM transition, leading to random faults over at least 57000 cycles. Minefield places highly fault-susceptible trap instructions in the victim code during compilation. Like redundancy countermeasures, Minefield is scalable and enables enclave developers to choose a security parameter between 0% and almost 100%, yielding a fine-grained security-performance trade-off. Our evaluation shows a density of 0.75, i.e., one trap after every 1-2 instruction, mitigates all known DVFS attacks in 99% on Intel SGX, incurring an overhead of 148.4% on protected enclaves. However, Minefield has no performance effect on the remaining system. Thus, Minefield is a better solution than hardware- or microcode-based patches disabling the OCM interface.

History

Preferred Citation

Andreas Kogler, Daniel Gruss and Michael Schwarz. Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks. In: Usenix Security Symposium (USENIX-Security). 2022.

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

Usenix Security Symposium (USENIX-Security)

Legacy Posted Date

2022-02-23

Open Access Type

  • Green

BibTeX

@inproceedings{cispa_all_3575, title = "Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks", author = "Kogler, Andreas and Gruss, Daniel and Schwarz, Michael", booktitle="{Usenix Security Symposium (USENIX-Security)}", year="2022", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC