Modern security technology in Intel processors not watertight

August 15, 2018

Technology giant Intel has been including an innovative security method
in its processors for a number of years. This method works as a vault
for your personal data. However, KU Leuven researchers (Belgium) have
shown that the system can, in fact, be hacked using the Foreshadow
attack. What's more, information processed in cloud systems also seems
to be vulnerable to this kind of attack. Intel will be releasing patches
and updates to resolve the flaw in millions of processors.

Computer systems are made up of different layers, making them very
complex. Every layer also contains millions of lines of computer code.
As this code is still written manually, the risk of errors is
significant. If such an error occurs, the entire computer system is left
vulnerable to attacks. You can compare it to a skyscraper: if one of the
floors becomes damaged, the entire building might collapse.

Viruses exploit such errors to gain access to sensitive or personal
information on the computer, from holiday pictures and passwords to
business secrets. In order to protect their processors against this
kind of intrusion, IT company Intel introduced an innovative technology
in 2015: Intel Software Guard eXtensions (Intel SGX). This technology
creates isolated environments in the computer's memory, so-called
enclaves, where data and programmes can be used securely.

"If you look at a computer system as a skyscraper, the enclaves form a
vault", explains researcher Jo Van Bulck of the Informatics Section (KU
Leuven). "Even when the building collapses the vault should still guard

"You can put personal information, such as passwords or medical data, in
this vault, but there are other possibilities as well. Streaming
services such as Netflix, for example, can use enclaves for copyright
protection: customers may look at films, but they cannot extract the
data that would enable them to make an illegal copy of these films."

Until now, this technology seemed watertight, but KU Leuven researchers
have discovered a breach. The attack they launched together with
Technion - Israel Institute of Technology, University of Michigan and
The University of Adelaide, called Foreshadow, shows that the content of
the enclaves can be uncovered anyway.

attack uses speculative execution", says researcher Raoul Strackx. "To
be able to work quickly, a processor will make certain calculations in
advance. If it becomes clear that the calculations retrieve information
from an enclave in an unauthorised way, they are discarded. But this is
where Intel SGX makes a mistake. Not all traces of the calculations are
discarded, which allowed us to enter the enclave."

The computer scientists already notified Intel of this security risk in
January, ensuring the technology company had enough time to resolve the
breach. An analysis performed by Intel itself also revealed that the
impact of Foreshadow is even greater than expected. Not only can this
kind of attack enter the enclaves, it also compromises the security of
cloud platforms, which play a crucial role in our IT infrastructure. On
14 August, Intel will release an update to repair the flaw in millions

"Over the past years, researchers of KU Leuven have uncovered several
important issues in our IT infrastructure", says Professor Frank
Piessens of the Department of Computer Science. "Our scientists
discovered a major breach in the Wi-Fi security in October last year, for
instance. In other words, this new successful attack is more than just a
stroke of luck. That is why Intel Corporation has decided to support us
in the coming years to help them in their search for solutions for