Foreshadow: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution

Lecture | October 10 | 5:30-6:30 p.m. | 202 South Hall

 Ofir Weisse

 Information, School of

Ofir Weisse explains how the Foreshadow attack dismantles Intel's SGX security â previously considered the most secure feature of Intel chips â and also bypasses virtual machine isolation between users in the cloud.

Foreshadow is a speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds. Foreshadow has two versions, the original attack designed to extract data from SGX enclaves and a Next-Generation version which affects Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory.

Foreshadow-SGX: At a high level, SGX is a new feature in modern Intel CPUs which allows computers to protect usersâ data even if the entire system falls under the attackerâs control. While it was previously believed that SGX is resilient to speculative execution attacks (such as Meltdown and Spectre), Foreshadow demonstrates how speculative execution can be exploited for reading the contents of SGX-protected memory as well as extracting the machineâs private attestation key. Making things worse, due to SGXâs privacy features, an attestation report cannot be linked to the identity of its signer. Thus, it only takes a single compromised SGX machine to erode trust in the entire SGX ecosystem.

Foreshadow Next Generation: While investigating the vulnerability that causes Foreshadow, which Intel refers to as "L1 Terminal Fault", Intel identified two related attacks, which we call Foreshadow-NG. These attacks can potentially be used to read any information residing in the L1 cache, including information belonging to the System Management Mode (SMM), the Operating System's Kernel, or Hypervisor. Perhaps most devastating, Foreshadow-NG might also be used to read information stored in other virtual machines running on the same third-party cloud, presenting a risk to cloud infrastructure. Finally, in some cases, Foreshadow-NG might bypass previous mitigations against speculative execution attacks, including countermeasures to Meltdown and Spectre.