Key Generator Application Memory Attack¶
Introduction¶
This application is generating keys in memory and implemented based on the Intel SGX SDK.
It will use the same source code to compile SGX applications and non-SGX applications, and perform memory attacks on them to verify the confidentiality of SGX runtime memory.
Application Deployment¶
Install Intel(R) Software Guard Extensions (Intel(R) SGX) SDK for Linux* OS.
Make sure your environment is set:
source ${sgx-sdk-install-path}/environment
Build application:
Without Intel SGX Memory Protection
make clean make SGX_MODE=SIM SGX_DEBUG=0
With Intel SGX Memory Protection
make clean make SGX_DEBUG=0
Execute the binary directly:
./app
Hacker Memory Attack¶
Dump app’s memory via gdb:
rm -rf core.* gdb -ex "generate-core-file" -ex "quit" -p `pgrep -f app`
Parse and find key in dumped file:
strings ./core.* | grep -n Secret_Key
Corresponding output:
Without Intel SGX Memory Protection
1233:Secret_Key:uLhtfhrxoxTPwQdquZTtKhJcigdJTrHzJTaKBewwwiGhGuEXqNnjuRTfnapTMTAwWJsKMIveISmIVmllxCxHsjPHldjadgqIrreXAwkxMHRCwcOLchYpjKrRlyZIVDAp
Intel SGX Memory Protection
None output.