Secure enclaves are supposed to be just what the name implies, the most secure parts of a chip — the region that a computer’s operating system isn’t supposed to be able to interact with. You’d think sensitive data would be extra safe there, and yet here we go again: Researchers from five different academic institutions have uncovered a vulnerability that gets around the defenses of Intel’s Software Guard Extensions (also known as SGX), which allows programs to set up secure enclaves on Intel processors.
The vulnerability they found sounds really bad, and they also found more than one version of it that they’ve taken to calling “Foreshadow.”
“Foreshadow,” according to the researchers as recounted in a website they set up here, “is a speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds. Foreshadow has two versions, the original attack designed to extract data from Software Guard Extensions (SGX) enclaves and a Next-Generation version which affects Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory.”
Intel says it’s in the process of releasing a fix for the vulnerability via updates starting today. In a company blog post, Intel executive vice president of product assurance and security Leslie Culbertson wrote that the company is not aware that any of the methods have been used in real-world exploits yet but encourages users to keep their systems up-to-date and take steps to prevent malware.
The researchers’ findings, according to a report from Wired, “speak to longstanding questions and concerns about reliance on SGX — and whether for all its benefits it also has the downside of becoming a single point of failure for everyone’s most sensitive software and data.”
What’s more, “though not every user relies on SGX, more and more secure services are exploring the possibility of using it in their consumer products — like the password manager 1Password and the end-to-end encrypted messaging app Signal.”
Yuval Yarom is a microarchitecture security researcher and a member of the team of researchers that will present its findings about Foreshadow at a conference in Baltimore on Wednesday. Underscoring the seriousness of Foreshadow, Yuval told Wired that what it represents “it not an attack on a particular user, it’s an attack on infrastructure.”
The website the researchers set up, at https://foreshadowattack.eu, explains why they’ve called the vulnerability Foreshadow: “In literature, ‘foreshadowing’ is used to indicate a trick where a writer provides a subtle hint of what is to come later in the story. Analogous to how a good story teller tries to keep the outcome of the story (mostly) secret, the speculative execution mechanisms found in modern processors, do not directly leak secrets. In the storytelling analogy, the Foreshadow attack shows, however, that clever adversaries can abuse subtle hints in the present to reconstruct secrets from future instructions.”