Mettez-vous hors ligne avec l'application Player FM !
Intel SGX - with Jo Van Bulck
Manage episode 374024855 series 3501962
Show Notes and Links
Flo and Julian invited Jo Van Bulck to the Syslog Podcast. Jo is probably best known for discovering the Foreshadow vulnerability in Intel CPUs, but his research is into the broader security of Trusted Execution Environments (TEEs). In this episode, we’ve picked the most high-profile TEE technology: Jo guides us through the confusing and impressive thing that is the Intel Software Guard Extensions.
- Discuss the episode in Matrix room #ukvly:matrix.org or on Freenode IRC #ukvly.
- Send feedback to podcast@ukvly.org or via Twitter.
Resources
- Intel SGX Whitepaper
- SGX 101
- Foreshadow
- Foreshadow Scientific Paper
- Plundervolt
- Load Value Injection
- Zombieload
- Overview of Transient Execution Attacks
- SGX-Step
- SGX-Step Tutorial
- Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes
- Sancus
Chapitres
1. What is SGX? (00:04:39)
2. How does SGX work? (00:08:44)
3. Use Cases for SGX (00:15:57)
4. How does the OS bootstrap SGX? (00:23:10)
5. Entry Points (00:26:47)
6. Remote Attestation (00:29:23)
7. Is it Secure? (00:34:30)
8. Concrete Problems with SGX (00:42:37)
9. SGX and Side-Channels (00:50:53)
10. Security Research enabled by SGX (00:58:07)
11. The Future of SGX (01:00:58)
12. The Sancus Project (01:12:09)
13. Outro (01:13:07)
11 episodes
Manage episode 374024855 series 3501962
Show Notes and Links
Flo and Julian invited Jo Van Bulck to the Syslog Podcast. Jo is probably best known for discovering the Foreshadow vulnerability in Intel CPUs, but his research is into the broader security of Trusted Execution Environments (TEEs). In this episode, we’ve picked the most high-profile TEE technology: Jo guides us through the confusing and impressive thing that is the Intel Software Guard Extensions.
- Discuss the episode in Matrix room #ukvly:matrix.org or on Freenode IRC #ukvly.
- Send feedback to podcast@ukvly.org or via Twitter.
Resources
- Intel SGX Whitepaper
- SGX 101
- Foreshadow
- Foreshadow Scientific Paper
- Plundervolt
- Load Value Injection
- Zombieload
- Overview of Transient Execution Attacks
- SGX-Step
- SGX-Step Tutorial
- Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes
- Sancus
Chapitres
1. What is SGX? (00:04:39)
2. How does SGX work? (00:08:44)
3. Use Cases for SGX (00:15:57)
4. How does the OS bootstrap SGX? (00:23:10)
5. Entry Points (00:26:47)
6. Remote Attestation (00:29:23)
7. Is it Secure? (00:34:30)
8. Concrete Problems with SGX (00:42:37)
9. SGX and Side-Channels (00:50:53)
10. Security Research enabled by SGX (00:58:07)
11. The Future of SGX (01:00:58)
12. The Sancus Project (01:12:09)
13. Outro (01:13:07)
11 episodes
Tous les épisodes
×Bienvenue sur Lecteur FM!
Lecteur FM recherche sur Internet des podcasts de haute qualité que vous pourrez apprécier dès maintenant. C'est la meilleure application de podcast et fonctionne sur Android, iPhone et le Web. Inscrivez-vous pour synchroniser les abonnements sur tous les appareils.