Skip to main content

Researchers bypass Intel's Software Guard Extensions to access RSA keys

Close-up of hands on a laptop keyboard in a dark room.
Dmitry Tishchenko/123RF
Intended to help users keep their systems safe and secure, Intel Software Guard Extensions is a set of CPU instructions that can make particular portions of code and data private. However, a new paper suggests that SGX could in fact be used to facilitate a malicious attack.

Samuel Weiser and four collaborators from the Graz University of Technology in Austria have published research that demonstrates how SGX can be used to conceal a piece of malware. Within minutes, this technique was used to gain access to RSA keys hidden in SGX enclaves, according to a report from The Register.

Recommended Videos

The researchers developed a method of monitoring vulnerable cache sets that allowed them to spot the telltale signature of an RSA key calculation. “Key recovery comes in three steps,” reads the paper. “First, traces are preprocessed. Second, a partial key is extracted from each trace. Third, the partial keys are merged to recover the private key.”

Please enable Javascript to view this content

Tests were run on an SGX-capable Lenovo ThinkPad T460S, which was running Ubuntu version 16.10. The team found that a single cache trace offered access to 96 percent of a 4,096-bit RSA key, and it only took eleven traces for the complete key to be assembled. The process took less than five minutes.

The authors of the paper said it’s possible to block the type of attack that they’ve demonstrated. However, the responsibility of addressing the vulnerability falls to Intel, as changes made to operating systems could end up causing further damage to the SGX model.

This isn’t the first time that Weiser has gone public with evidence that SGX is vulnerable. In January 2017, he was part of a group of researchers that published a paper that demonstrated how its input-output protections could be abused to gain access to private user data.

Digital Trends was given the following statement by Intel:

There have been many academic articles looking at the security of SGX, including side-channel attacks. In general these papers do not demonstrate anything new or unexpected about the Intel SGX architecture.

Preventing side channel attacks is a matter for the enclave developer. Intel makes this clear In the security objectives for SGX, which are well documented. The types of side-channel attacks identified on the RSA implementation used in the Graz paper were well-known for some time and are addressed by other crypto libraries available to developers (e.g. OpenSSL).

Updated on 03-17-2017 by Brad Jones: Added statement from Intel.
Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
This breakthrough holographic display could make AR glasses a reality in 2026
A simulated view of Swave-powered AR glasses.

Consumer AR glasses could soon become a reality thanks to a breakthrough holographic chip from Swave. Lightweight, low-power, affordable AR glasses have thus far been a distant dream.

The best smart glasses can display massive virtual screens but require a phone or other device for video and power. The buzz around AR glasses has been growing, spurred by an impressive Meta Orion prototype demonstration and the powerful new Snap Spectacles update. However, we’re still waiting for comfortable, affordable glasses that display bright, crisp images over a wide field of view.
Swave’s HXR display
Swave's laser-powered holographic display engine is compact and lightweight Swave

Read more
This HP ProBook laptop is normally $1,876 — today it’s $769
The HP ProBook 445 laptop on a white background.

If you're on the lookout for laptop deals because you need a device for a work-from-home job or to run a small business, you should check out this offer for the HP ProBook 445. Originally sold for $1,876, this dependable machine is down to just $769, for savings of $1,107. We're not sure how long stocks will last though, as a 59% discount for a powerful laptop will surely attract a lot of attention. If you don't want to miss out on this bargain, you'll need to complete your purchase as soon as possible.

Why you should buy the HP ProBook 445 laptop
HP is firmly in our list of the best laptop brands, and the HP ProBook 445 showcases its reputation for reliable devices with modern designs. The device is powered by the AMD Ryzen 5 7535U processor and AMD Radeon 660M Graphics, along with 16GB of RAM that's only found in top-tier machines, according to our guide on how much RAM do you need. You won't have any trouble in carrying out your daily workload with these specifications, especially with the advanced features that you can access with Windows 11 Pro that's pre-installed in this laptop's 512GB SSD. Don't worry -- you'll still have enough storage space for your apps and files.

Read more
Thomson Reuters lands copyright win against AI company. What’s next?
Thomson Reuters website as seen on an iPhone 16 Pro.

The first landmark win in an AI copyright case is here. A Delaware court has ruled that a tech startup used copyright-protected material to build a competing AI-based legal product, which is against the law, handing over a remarkable win to Thomson Reuters.

This is the first major victory for a plaintiff fighting against an AI company over what constitutes “fair use” of material owned by another entity. The parent company of the Reuters news agency has been tangled in a lengthy legal case against Ross Intelligence, an AI company that lifted material from Thomson Reuters’s Westlaw platform.

Read more