Skip to main content
  1. Home
  2. Computing
  3. News

Researchers bypass Intel's Software Guard Extensions to access RSA keys

Brad Jones
By

Close-up of hands on a laptop keyboard in a dark room.
Dmitry Tishchenko/123RF
Intended to help users keep their systems safe and secure, Intel Software Guard Extensions is a set of CPU instructions that can make particular portions of code and data private. However, a new paper suggests that SGX could in fact be used to facilitate a malicious attack.

Samuel Weiser and four collaborators from the Graz University of Technology in Austria have published research that demonstrates how SGX can be used to conceal a piece of malware. Within minutes, this technique was used to gain access to RSA keys hidden in SGX enclaves, according to a report from The Register.

The researchers developed a method of monitoring vulnerable cache sets that allowed them to spot the telltale signature of an RSA key calculation. “Key recovery comes in three steps,” reads the paper. “First, traces are preprocessed. Second, a partial key is extracted from each trace. Third, the partial keys are merged to recover the private key.”

Tests were run on an SGX-capable Lenovo ThinkPad T460S, which was running Ubuntu version 16.10. The team found that a single cache trace offered access to 96 percent of a 4,096-bit RSA key, and it only took eleven traces for the complete key to be assembled. The process took less than five minutes.

The authors of the paper said it’s possible to block the type of attack that they’ve demonstrated. However, the responsibility of addressing the vulnerability falls to Intel, as changes made to operating systems could end up causing further damage to the SGX model.

This isn’t the first time that Weiser has gone public with evidence that SGX is vulnerable. In January 2017, he was part of a group of researchers that published a paper that demonstrated how its input-output protections could be abused to gain access to private user data.

Digital Trends was given the following statement by Intel:

There have been many academic articles looking at the security of SGX, including side-channel attacks. In general these papers do not demonstrate anything new or unexpected about the Intel SGX architecture.

Preventing side channel attacks is a matter for the enclave developer. Intel makes this clear In the security objectives for SGX, which are well documented. The types of side-channel attacks identified on the RSA implementation used in the Graz paper were well-known for some time and are addressed by other crypto libraries available to developers (e.g. OpenSSL).

Updated on 03-17-2017 by Brad Jones: Added statement from Intel.

Editors' Recommendations

Why it’s hard recommending AMD Ryzen 7000 after Intel’s Raptor Lake launch
The Ryzen 9 7950X socketed into a motherboard.
Intel Innovation 2022: 13th-gen chips, slidable displays, and everything else
The stage at Intel Innovation keynote.
Intel CEO on high GPU prices: ‘You should be frustrated’
Intel CEO Pat Gelsinger presenting Arc Alchemist GPUs.
Intel Core i9-13900K vs. Core i9-12900K: Will it be worth the upgrade?
Intel Core i9-12900K in a motherboard.
Google’s new privacy tool lets you know if your personal info was leaked
A Google presenter announcing alerts for personal info.
Nullmixer is a nasty, new Windows malware dropper
Windows shows a malware warning on a Dell laptop.
How to leave a team on Microsoft Teams
Microsoft Teams in Together mode on a laptop.
Nvidia addresses the rumors about the RTX 40 GPUs’ power consumption
The RTX 4090 among green stripes.
Intel says Moore’s Law is alive and well. Nvidia says it’s dead. Which is right?
Intel CEO and Nvidia CEO, side by side.
Best Microsoft Surface Pro deals for October 2022
Logitech’s new Mac accessories are customizable, functional, and undeniably pretty
Logitech MX Mechanical Mini Keyboard for Mac.
Adobe adds AI magic to Photoshop and Premiere Elements
Adobe Photoshop Elements can add animation to pictures.
DLSS 3 could boost your gaming performance by up to 5x
The RTX 4090 among green stripes.