COMP5900 COMP4900 2024F: Reading list: Difference between revisions

← Older edit

Latest revision as of 00:40, 8 October 2024

You can only sign up for papers with an asterisk (*) at the end of their title.

If you are looking for more papers (from which you consider choosing to present):

Papers about/using Intel SGX

You can also check out these SGX Open Source Projects (with or without papers).

Introduction to the course and trusted computing
Trust
- Bootstrapping Trust in Commodity Computers
- Reflections on Trusting Trust (Turing Award lecture, 1984)
- SafeKeeper: Protecting Web Passwords using Trusted Execution Environments
Application of TC technologies
- SCONE: Secure Linux Containers with Intel SGX (*) Recommended
- SGX-Tor: A Secure and Practical Tor Anonymity Network with SGX Enclaves (*)
- EnclaveDB: A Secure Database using SGX (*)
- SGX-Log: Securing System Logs with SGX (*)
- OS integrity: Nighthawk: Transparent System Introspection from Ring -3 (*)
- Hypervisor integrity: HyperCheck: A Hardware-Assisted Integrity Monitor (*)
- Data protection: Pesos: Policy Enhanced Secure Object Store (*)
Making TC technologies more adoptable/usable
- Flicker: An Execution Infrastructure for TCB Minimization (*)
- Glamdring: Automatic Application Partitioning for Intel SGX (*)
- Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX (*) Recommended
- Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGX (*)
- Civet: An Efficient Java Partitioning Framework for Hardware Enclaves (*)
- vTZ: Virtualizing ARM TrustZone (*)
- Towards Memory Safe Enclave Programming with Rust-SGX [Rust + SGX] (*)
- RusTEE: Developing Memory-Safe ARM TrustZone Applications [Rust + ARM] (*)
- SGXPy: Protecting integrity of Python applications with Intel SGX [Python + SGX] (*)
- Using ARM TrustZone to Build a Trusted Language Runtime for Mobile Applications [.NET + SGX] (*)
Side-channel attacks
Internal misbehavior: memory attacks
- SoK: Eternal War in Memory (*)
- Memory Errors: The Past, the Present, and the Future
- Defense: C-FLAT: Control-Flow Attestation for Embedded Systems Software (*)
- Defense: PTAuth: Temporal Memory Safety via Robust Points-to Authentication (*)
- Attacking the defense: PACMAN: Attacking ARM Pointer Authentication with Speculative Execution (*)
- Attacking the defense: TIKTAG: Breaking ARM’s Memory Tagging Extension with Speculative Execution (*)
Human authenticating machine
State continuity
Secure input/output
Proposed hardware improvements
- Fine-grained isolation: IMIX: In-Process Memory Isolation EXtension (*)
- Memory safety: HAFIX: Hardware-Assisted Flow Integrity Extension (*)
- Integrity monitoring: Co-processor-based Behavior Monitoring: Application to the Detection of Attacks Against the System Management Mode (*)
- Integrity monitoring: CPU Transparent Protection of OS Kernel and Hypervisor Integrity with Programmable DRAM (*)
Proposals based on existing (non-security) hardware support

@@ Line 47: / Line 47: @@
 **	Defense: [https://www.usenix.org/system/files/sec21summer_mirzazade.pdf PTAuth: Temporal Memory Safety via Robust Points-to Authentication] (*)
 **	Attacking the defense: [https://dl.acm.org/doi/abs/10.1145/3470496.3527429 PACMAN: Attacking ARM Pointer Authentication with Speculative Execution] (*)
+**	Attacking the defense: [https://arxiv.org/pdf/2406.08719 TIKTAG: Breaking ARM’s Memory Tagging Extension with Speculative Execution] (*)
 * Human authenticating machine
 **	[https://www.usenix.org/legacy/event/hotsec07/tech/full_papers/mccune/mccune.pdf Turtles All The Way Down: Research Challenges in User-Based Attestation]