Intel SGX Explained [article]

Victor Costan, Srinivas Devadas
2016 IACR Cryptology ePrint Archive  
Intel's Software Guard Extensions (SGX) is a set of extensions to the Intel architecture that aims to provide integrity and confidentiality guarantees to securitysensitive computation performed on a computer where all the privileged software (kernel, hypervisor, etc) is potentially malicious. This paper analyzes Intel SGX, based on the 3 papers [14, 79, 139 ] that introduced it, on the Intel Software Developer's Manual [101] (which supersedes the SGX manuals [95, 99] ), on an ISCA 2015 tutorial
more » ... [103], and on two patents [110, 138] . We use the papers, reference manuals, and tutorial as primary data sources, and only draw on the patents to fill in missing information. This paper does not reflect the information available in two papers [74, 109] that were published after the first version of this paper. This paper's contributions are a summary of the Intel-specific architectural and micro-architectural details needed to understand SGX, a detailed and structured presentation of the publicly available information on SGX, a series of intelligent guesses about some important but undocumented aspects of SGX, and an analysis of SGX's security properties. Receive Encrypted Results
dblp:journals/iacr/CostanD16 fatcat:vzg7uthif5fqfbx5pdz3ocs7va