CCS'17 Tutorial

During CCS 2017, Taesoo Kim (Georgia Tech), Zhiqiang Lin (UT Dallas) and Chia-Che Tsai (Stony Brook University / UC Berkeley) together gave an overall tutorial on Intel SGX technology. The tutorial's contents are well organized and presented by SGX experts in the academia. We believe that this tutorial serves as a perfect entry point to understand the background of SGX technology.

This tutorial consists of three parts, including:

1. SGX 101: introduction, performance, and applications

2. SGX shielding framework and development tools

3. SGX Security Issues

Presentation slides and demo videos are available here.

In this tutorial, Zhiqiang Lin first introduced the basic concepts of Intel SGX, its development workflows, potential applications and performance characteristics. Then, Chia-Che Tsai introduced various ways to quickly start writing SGX applications, specifically by utilizing library OSes or thin shielding layers; he explained the pros and cons of each approach in terms of security and usability. Last but not least, Taesoo Kim explained known security concerns, including cache/branch side-channel attacks and memory safety issues, and corresponding defenses with various working demos.

SGX 101: introduction, performance, and applications (Zhiqiang Lin)

SGX shielding framework and development tools (Chia-Che Tsai)

SGX Security Issues (Taesoo Kim)

Demo Videos

02-demo-libos:

ELEOS_memcached_native_sgx

ELEOS_memcached_rpc

ELEOS_memcached_suvm

Graphene_Container_DEMO

Graphene_EDMM_DEMO

Graphene_GCC_DEMO

SCONE_DEMO_helloworld

03-demo-security:

branch-shadowing

darkrop

sgx-pagetable-attack

sgx-shield

sgxbleed

sgxbomb

tsgx