Presentation
HoBBy: Hardening Unbalanced Branches against Control Flow Attacks on Intel SGX and AMD SEV
Description
This paper introduces HoBBy, a compiler-based tool that hardens unbalanced branches at the instruction level, making parallel control flows indistinguishable to state-of-the-art attacks that bypass source-code-level balancing. To achieve this, we propose a single-step analysis method to identify unbalanced instructions in secret-dependent branches, and implement instruction shadowing, cogging, and spiraling techniques to protect them. We evaluate HoBBy by hardening secret-dependent branches in four real-world applications and validating its resilience against three state-of-the-art attacks targeting Intel SGX and AMD SEV. HoBBy achieves a runtime overhead of 2.8% for cryptographic libraries and a binary size overhead of 0.6%.
Event Type
Research Manuscript
Time
Tuesday, June 24, 10:45am - 11:00am PDT
Location
3008, Level 3
Security
SEC4: Embedded and Cross-Layer Security


