Branch Shadowing


Another unique class of side-channel attacks in the SGX settings is branch-prediction-based attacks. By exploiting the branch predictor, the attacks infer the states (taken or non-taken) of branches executed by an enclave. This section demonstrates the attack.

Branch Shadowing

This video shows how the branch shadowing attack can extract RSA private key bits

  • Target code: Sliding window exponentiation of mbedTLS

  • Attack code: We modified Linux SGX SDK to run our shadow code

  • Kernel log: Our attack code prints the output of LBR via dmesg

Last updated