Foreshadow - Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution

Explore a groundbreaking 25-minute conference talk from USENIX Security '18 that unveils Foreshadow, a software-only microarchitectural attack dismantling the security of Intel SGX. Discover how this novel exploitation methodology leverages speculative execution bugs in modern Intel processors to reliably leak plaintext enclave secrets from the CPU cache. Learn about the attack's ability to extract full cryptographic keys from vetted architectural enclaves, launch rogue production enclaves, and forge local and remote attestation responses. Understand the far-reaching implications of this vulnerability, affecting millions of devices, and its potential impact on trusted execution environments and secure offloading of sensitive computations to untrusted remote platforms.