SGX is a security technology designed to hide secrets from the very platform they are stored on. While this sounds sweet if one is worried about leaving secrets lying around unguarded in memory, it is a terrifying proposal for someone who hunts threats. Being a blind spot by definition, SGX offers worrisome capabilities to potential intruders. But just how much of a blind spot is an SGX enclave, what can it hide and what can it not, and what can an attacker actually achieve by leveraging this technology? Malware hidden within secure enclaves became a topic of security research faster than legitimate customers could implement their crypto containers, but what we are still missing today is a holistic, no wait, realistic threat model. The extent of malicious activities attackers can hide within home-grown enclaves, the risk posed by benign but vulnerable enclaves, and the horrifying outlook for DFIR specialists facing SGX-protected threats are the major focus of this presentation. The presented research sheds light on the capabilities and limitations of malicious enclaves, and shows what attackers can gain from compromising benign enclaves. A legitimate but vulnerable Linux pet enclave gone rogue will serve as the demonstration, and also as a basis for discussing SGX monitoring approaches.
This is ongoing research intended to help the community, and also Intel engineers, understand the real and imagined risks around the SGX technology.