Attacks
- A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP
- Controlled-Channel Attacks: Deterministic SideChannels for Untrusted Operating Systems
- Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization
- Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing
- Leaky DNN: Stealing Deep-learning Model Secret with GPU Context-switching Side-channel
- LM Side-channel
- Privado: Practical and Secure DNN Inference with Enclaves
- Software Grand Exposure: SGX Cache Attacks Are Practical
Defenses
- A Survey on Mix Networks and Their Secure Applications
- Constant-Time Foundations for the New Spectre Era
- PRIDWEN: Universally Hardening SGX Programs via Load-Time Synthesis
- Privado: Practical and Secure DNN Inference with Enclaves
- Varys: Protecting SGX Enclaves from Practical Side-Channel Attacks
SGX-related
- Controlled-Channel Attacks: Deterministic SideChannels for Untrusted Operating Systems
- Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing
- PRIDWEN: Universally Hardening SGX Programs via Load-Time Synthesis
- Privado: Practical and Secure DNN Inference with Enclaves
- Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge
- SGX Posts
- Software Grand Exposure: SGX Cache Attacks Are Practical
- Varys: Protecting SGX Enclaves from Practical Side-Channel Attacks