Why Should Crypto Care about Foreshadow?
A group of researchers has unveiled their discovery of an attack vector that poses serious threats to the integrity of data stored within machines that use Intel’s SGX. The attack vector is called Foreshadow.
What Is SGX?
SGX is an acronym for Software Guard eXtensions and is a Trusted Execution Environment (TEE). A TEE is also one of the most important and widely celebrated features included in recent Intel x86 processors.
Intel’s SGX allows developers to execute programs in untrusted environments albeit in a manner that they can trust is secure. SGX does this by creating a secure enclave. These are areas of memory that are protected from any type of modification. Additionally, the secure enclave protects the data contained therein from inspection, meaning it is inaccessible to view.
SGX is essential for many developers as it allows them to test new code with the surety that their programs will remain safe and secure. Moreover, SGX also includes a tool called the Remote Attestation Protocol, which allows other parties to verify the safety of the environment with which they are interacting:
“SGX also provides a remote attestation protocol that allows software to prove to a remote party that it is running on a genuine SGX-enabled Intel processor, as opposed to a (potentially malicious) simulator.”
This is an essential feature especially for those running virtual machines. SGX can be applied to create secure remote computer networks as well as virtual machines. It is also used to enable secure web browsing. Lastly, it is used to support digital rights management infrastructure due to its disclosure features. Users of the SGX software include:
“Open Whisper Systems relies on SGX for privacy-friendly contact discovery in its Signal network. Both Microsoft and IBM recently announced support for SGX in their cloud infrastructure. Various off-the-shelf Blu-ray players and initially also the 4K Netflix client furthermore use SGX to enforce Digital Rights Management (DRM) for high-resolution video streams.”
While Intel’s SGX is a widely-used tool, it has been proven to have many vulnerabilities. In 2017, researchers from Graz University in Austria discovered an exploit that allowed malicious actors to extract the information held in the enclaves.
Additionally, the malware manipulated the design of the enclave to provide further protection for its malicious activities. SGX was also proven to be vulnerable to two significant exploits namely, Spectre and Meltdown. Fortunately, Intel was able to provide updates that included patches to neutralize these exploits.
How Does Foreshadow Work?
Using the same processor vulnerability that was exploited in the Meltdown vector, Foreshadow allows malicious actors to access all the data held in the secure enclave. The processor vulnerability is a “delicate race condition in the CPU’s access control logic that allows an attacker to use the results of unauthorized memory accesses in transient out-of-order instructions before they are rolled back.”
Leveraging this speculative execution bug, Foreshadow allows the contexts of the secure enclave to be leaked in plaintext. Additionally, Foreshadow also allows the attacker to access the private key that is used to ascertain the security status of an enclave.
“Speculative execution can be exploited for reading the contents of SGX-protected memory as well as extracting the machine’s private attestation key. Making things worse, due to SGX’s privacy features, an attestation report cannot be linked to the identity of its signer. Thus, it only takes a single compromised SGX machine to erode trust in the entire SGX ecosystem,” the researchers state.
Moreover, because Foreshadow provides the attackers with access to a number of keys in the SGX architecture, long-term storage is also affected. Using the compromised sealing keys, malicious actors can access, then change and re-seal previously closed off data. Thus, once the system is compromised, it is impossible to verify the integrity of any of the information contained therein. Moreover, the attacker will be able to access the log files and delete all traces of this activity leaving SGX users none the wiser.
Foreshadow was discovered by two independent teams of researchers. The two groups, KU Leuven authors and those from Technion, University of Michigan, and the University of Adelaide followed proper procedure upon their discovery. They notified Intel in January, and the software giant proceeded to release patches for the vulnerability.
Why Should the Cryptocurrency Community Care?
Due to its security-preserving features, SGX is in use in many crypto-related projects.
For instance, in 2017, Paris-based wallet producer Ledger announced its partnership with Intel. Ledger planned to include SGX in its own proprietary BOLOS operating system to further enhance security to its customers. The discovery of the Foreshadow exploit is yet another security worry with which Ledger users will have to contend.
Additionally, privacy-centric crypto project MobileCoin also utilizes SGX within its infrastructure. The project, which raised $30 million in a funding round from Binance, is developing a secure wallet that is designed to be attached to instant messengers. MobileCoin aims to provide a level of ease to crypto users by developing infrastructure that supports privacy and security without the hassle of continually providing private keys. The project has major names attached to it such as Moxie Marlinspike, the founder of the encrypted messaging application Signal.
Enigma, the privacy-preserving smart contract and decentralized application platform, announced earlier this year that it would be partnering with Intel to utilize SGX in its quest to create the foundation of its “secret contracts.” The highly-anticipated project, which was originally conceived at MIT, aims to develop end-to-end private, scalable, decentralized applications. Speaking of the collaboration Guy Zyskind, CEO and co-founder of Enigma, said:
“We are excited to collaborate with Intel to advance privacy technology and protocols on public blockchains.”
SGX provides support to a vast array of crypto projects. As a result, Foreshadow poses a major threat for the theft of crypto private keys, as well as undermines the security of the projects using it. Both individuals and project developers need to stay vigilant and update their systems often to include patches.