Researchers bypass Intel's Software Guard Extensions to access RSA keys

equifax hack
Dmitry Tishchenko/123RF
Intended to help users keep their systems safe and secure, Intel Software Guard Extensions is a set of CPU instructions that can make particular portions of code and data private. However, a new paper suggests that SGX could in fact be used to facilitate a malicious attack.

Samuel Weiser and four collaborators from the Graz University of Technology in Austria have published research that demonstrates how SGX can be used to conceal a piece of malware. Within minutes, this technique was used to gain access to RSA keys hidden in SGX enclaves, according to a report from The Register.

The researchers developed a method of monitoring vulnerable cache sets that allowed them to spot the telltale signature of an RSA key calculation. “Key recovery comes in three steps,” reads the paper. “First, traces are preprocessed. Second, a partial key is extracted from each trace. Third, the partial keys are merged to recover the private key.”

Tests were run on an SGX-capable Lenovo ThinkPad T460S, which was running Ubuntu version 16.10. The team found that a single cache trace offered access to 96 percent of a 4,096-bit RSA key, and it only took eleven traces for the complete key to be assembled. The process took less than five minutes.

The authors of the paper said it’s possible to block the type of attack that they’ve demonstrated. However, the responsibility of addressing the vulnerability falls to Intel, as changes made to operating systems could end up causing further damage to the SGX model.

This isn’t the first time that Weiser has gone public with evidence that SGX is vulnerable. In January 2017, he was part of a group of researchers that published a paper that demonstrated how its input-output protections could be abused to gain access to private user data.

Digital Trends was given the following statement by Intel:

There have been many academic articles looking at the security of SGX, including side-channel attacks. In general these papers do not demonstrate anything new or unexpected about the Intel SGX architecture.

Preventing side channel attacks is a matter for the enclave developer. Intel makes this clear In the security objectives for SGX, which are well documented. The types of side-channel attacks identified on the RSA implementation used in the Graz paper were well-known for some time and are addressed by other crypto libraries available to developers (e.g. OpenSSL).

Updated on 03-17-2017 by Brad Jones: Added statement from Intel.

Emerging Tech

Awesome Tech You Can’t Buy Yet: Grow veggies indoors and shower more efficiently

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Computing

Chrome is a fantastic browser, but is is still the best among new competitors?

Choosing a web browser for surfing the web can be tough with all the great options available. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most users.
Home Theater

The best movies on Netflix in December, from 'Buster Scruggs’ to 'Roma'

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, witty humor, or anything else.
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Norsemen’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Computing

Ryzen 3000 chips will be powerful, and they might be launched as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far, based on both leaks and the recent…
Computing

With no plans for merging operating systems, Apple opts to combine apps instead

Apple is working on combining all of the the apps it offers to iPhone, iPad, and Mac users by 2021. App developers will soon be able to build and submit one version of their apps to be used by Apple product users.
Product Review

Razer just made our favorite gaming laptop even more powerful than before

The Razer Blade, our favorite gaming laptop, is now more powerful than ever before. That’s thanks to the new Nvidia RTX graphics cards inside. Do they help Razer retain its edge over the competition?
Gaming

These are the coolest games you can play on your Google Chrome browser right now

Not only is Google Chrome a fantastic web browser, it's also a versatile gaming platform that you can access from just about anywhere. Here are a few of our favorite titles for the platform.
Computing

Amazon takes $200 off Apple’s latest 13-inch MacBook Air with retina display

Amazon is taking $200 off Apple's latest MacBook Air. This MacBook Air has 13-inch retina display, a built-in FaceTime HD camera, and that classic lightweight wedge shape the Air is loved and known for.
Deals

Samsung drops a solid $100 discount on the Chromebook Pro

If you're in the market for a new laptop, but can't afford to drop $1,000 on one of the best models out there, Chromebooks are an excellent option. Right now, Samsung is offering $100 off the Samsung Chromebook Pro.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Computing

Between Intel and AMD, these are the best gaming CPUs at every price

What are the best processors for gaming you can buy? You don't need to spend a fortune to get an amazing gaming CPU and now that AMD is competitive again, there are more choices than ever.
Computing

Our favorite Chrome themes add some much-needed pizzazz to your boring browser

Sometimes you just want Chrome to show a little personality and ditch the grayscale for something a little more lively. Lucky for you, we've sorted through the Chrome Web Store to find best Chrome themes available.
Computing

Here's our guide to how to charge your laptop using a USB-C cable

Charging via USB-C is a great way to power up your laptop. It only takes one cable and you can use the same one for data as well as power -- perfect for new devices with limited port options.