Branch Shadowing
Last updated
Last updated
Another unique class of side-channel attacks in the SGX settings is branch-prediction-based attacks. By exploiting the branch predictor, the attacks infer the states (taken or non-taken) of branches executed by an enclave. This section demonstrates the attack.
This video shows how the branch shadowing attack can extract RSA private key bits
Target code: Sliding window exponentiation of mbedTLS
Attack code: We modified Linux SGX SDK to run our shadow code
Kernel log: Our attack code prints the output of LBR via dmesg