{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T08:54:02Z","timestamp":1775638442438,"version":"3.50.1"},"publisher-location":"Cham","reference-count":51,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319608754","type":"print"},{"value":"9783319608761","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-60876-1_1","type":"book-chapter","created":{"date-parts":[[2017,6,3]],"date-time":"2017-06-03T12:00:34Z","timestamp":1496491234000},"page":"3-24","source":"Crossref","is-referenced-by-count":211,"title":["Malware Guard Extension: Using SGX to Conceal Cache Attacks"],"prefix":"10.1007","author":[{"given":"Michael","family":"Schwarz","sequence":"first","affiliation":[]},{"given":"Samuel","family":"Weiser","sequence":"additional","affiliation":[]},{"given":"Daniel","family":"Gruss","sequence":"additional","affiliation":[]},{"given":"Cl\u00e9mentine","family":"Maurice","sequence":"additional","affiliation":[]},{"given":"Stefan","family":"Mangard","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,6,4]]},"reference":[{"key":"1_CR1","unstructured":"Anati, I., McKeen, F., Gueron, S., Huang, H., Johnson, S., Leslie-Hurd, R., Patil, H., Rozas, C.V., Shafi, H.: Intel Software Guard Extensions (Intel SGX) (2015). Tutorial Slides presented at ICSA 2015"},{"key":"1_CR2","unstructured":"ARMmbed: Reduce mbed TLS memory and storage footprint, February 2016. https:\/\/tls.mbed.org\/kb\/how-to\/reduce-mbedtls-memory-and-storage-footprint . Accessed 24 Oct 2016"},{"key":"1_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-642-36095-4_2","volume-title":"Topics in Cryptology \u2013 CT-RSA 2013","author":"C Arnaud","year":"2013","unstructured":"Arnaud, C., Fouque, P.-A.: Timing attack against protected RSA-CRT implementation used in PolarSSL. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 18\u201333. Springer, Heidelberg (2013). doi: 10.1007\/978-3-642-36095-4_2"},{"key":"1_CR4","unstructured":"Arnautov, S., Trach, B., Gregor, F., Knauth, T., Martin, A., Priebe, C., Lind, J., Muthukumaran, D., O\u2019Keeffe, D., Stillwell, M.L., et al.: SCONE: secure Linux containers with Intel SGX. In: 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) (2016)"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Biham, E.: A fast new DES implementation in software. In: International Workshop on Fast Software Encryption, pp. 260\u2013272 (1997)","DOI":"10.1007\/BFb0052352"},{"key":"1_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/978-3-540-45146-4_2","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"J Bl\u00f6mer","year":"2003","unstructured":"Bl\u00f6mer, J., May, A.: New partial key exposure attacks on RSA. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 27\u201343. Springer, Heidelberg (2003). doi: 10.1007\/978-3-540-45146-4_2"},{"key":"1_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1007\/3-540-49649-1_3","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 1998","author":"D Boneh","year":"1998","unstructured":"Boneh, D., Durfee, G., Frankel, Y.: An attack on RSA given a small fraction of the private key bits. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 25\u201334. Springer, Heidelberg (1998). doi: 10.1007\/3-540-49649-1_3"},{"key":"1_CR8","unstructured":"Brasser, F., M\u00fcller, U., Dmitrienko, A., Kostiainen, K., Capkun, S., Sadeghi, A.: Software grand exposure: SGX cache attacks are practical (2017). http:\/\/arxiv.org\/abs\/1702.07521"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Chiappetta, M., Savas, E., Yilmaz, C.: Real time detection of cache-based side-channel attacks using hardware performance counters. Cryptology ePrint Archive, Report 2015\/1034 (2015)","DOI":"10.1016\/j.asoc.2016.09.014"},{"key":"1_CR10","unstructured":"Costan, V., Devadas, S.: Intel SGX explained. Technical report, Cryptology ePrint Archive, Report 2016\/086 (2016)"},{"key":"1_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1007\/978-3-540-78800-3_24","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"L Moura","year":"2008","unstructured":"Moura, L., Bj\u00f8rner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337\u2013340. Springer, Heidelberg (2008). doi: 10.1007\/978-3-540-78800-3_24"},{"issue":"3","key":"1_CR12","doi-asserted-by":"crossref","first-page":"559","DOI":"10.1145\/2508148.2485970","volume":"41","author":"J Demme","year":"2013","unstructured":"Demme, J., Maycock, M., Schmitz, J., Tang, A., Waksman, A., Sethumadhavan, S., Stolfo, S.: On the feasibility of online malware detection with performance counters. ACM SIGARCH Comput. Archit. News 41(3), 559\u2013570 (2013)","journal-title":"ACM SIGARCH Comput. Archit. News"},{"key":"1_CR13","unstructured":"Docker: Amazon web services - docker (2016). https:\/\/docs.docker.com\/machine\/drivers\/aws\/"},{"key":"1_CR14","doi-asserted-by":"crossref","unstructured":"Felter, W., Ferreira, A., Rajamony, R., Rubio, J.: An updated performance comparison of virtual machines and linux containers. In: 2015 IEEE International Symposium On Performance Analysis of Systems and Software (ISPASS) (2015)","DOI":"10.1109\/ISPASS.2015.7095802"},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Ge, Q., Yarom, Y., Cock, D., Heiser, G.: A survey of microarchitectural timing attacks and countermeasures on contemporary hardware. Technical report, Cryptology ePrint Archive, Report 2016\/613 (2016)","DOI":"10.1007\/s13389-016-0141-6"},{"issue":"4","key":"1_CR16","doi-asserted-by":"crossref","first-page":"395","DOI":"10.1109\/TCC.2014.2358236","volume":"2","author":"MM Godfrey","year":"2014","unstructured":"Godfrey, M.M., Zulkernine, M.: Preventing cache-based side-channel attacks in a cloud environment. IEEE Trans. Cloud Comput. 2(4), 395\u2013408 (2014)","journal-title":"IEEE Trans. Cloud Comput."},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"G\u00f6tzfried, J., Eckert, M., Schinzel, S., M\u00fcller, T.: Cache attacks on Intel SGX. In: Proceedings of the 10th European Workshop on Systems Security (EuroSec 2017) (2017)","DOI":"10.1145\/3065913.3065915"},{"key":"1_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1007\/978-3-319-40667-1_15","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"D Gruss","year":"2016","unstructured":"Gruss, D., Maurice, C., Mangard, S.: Rowhammer.js: a remote software-induced fault attack in JavaScript. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 300\u2013321. Springer, Cham (2016). doi: 10.1007\/978-3-319-40667-1_15"},{"key":"1_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/978-3-319-40667-1_14","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"D Gruss","year":"2016","unstructured":"Gruss, D., Maurice, C., Wagner, K., Mangard, S.: Flush+Flush: a fast and stealthy cache attack. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 279\u2013299. Springer, Cham (2016). doi: 10.1007\/978-3-319-40667-1_14"},{"key":"1_CR20","unstructured":"Gruss, D., Spreitzer, R., Mangard, S.: Cache template attacks: automating attacks on inclusive last-level caches. In: USENIX Security Symposium (2015)"},{"key":"1_CR21","unstructured":"Herath, N., Fogh, A.: These are not your grand Daddys CPU performance counters - CPU hardware performance counters for security. In: Black Hat USA (2015)"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"Hund, R., Willems, C., Holz, T.: Practical timing side channel attacks against kernel space ASLR. In: S&P 2013 (2013)","DOI":"10.1109\/SP.2013.23"},{"key":"1_CR23","unstructured":"Intel: Intel $$\\textregistered $$ 64 and IA-32 Architectures Optimization Reference Manual (2014)"},{"key":"1_CR24","unstructured":"Intel: Intel $$\\textregistered $$ 64 and IA-32 Architectures Software Developer\u2019s Manual, Volume 3 (3A, 3B & 3C): System Programming Guide 253665 (2014)"},{"key":"1_CR25","unstructured":"Intel Corporation: Hardening Password Managers with Intel Software Guard Extensions: White Paper (2016)"},{"key":"1_CR26","unstructured":"Intel Corporation: Intel SGX: Debug, Production, Pre-release what\u2019s the difference? https:\/\/software.intel.com\/en-us\/blogs\/2016\/01\/07\/intel-sgx-debug-production-prelease-whats-the-difference . Accessed 24 Oct 2016"},{"key":"1_CR27","unstructured":"Intel Corporation: Intel Software Guard Extensions (Intel SGX) (2016). https:\/\/software.intel.com\/en-us\/sgx . Accessed 7 Nov 2016"},{"key":"1_CR28","unstructured":"Intel Corporation: Intel(R) Software Guard Extensions for Linux* OS (2016). https:\/\/github.com\/01org\/linux-sgx-driver . Accessed 11 Nov 2016"},{"key":"1_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"299","DOI":"10.1007\/978-3-319-11379-1_15","volume-title":"Research in Attacks, Intrusions and Defenses","author":"G Irazoqui","year":"2014","unstructured":"Irazoqui, G., Inci, M.S., Eisenbarth, T., Sunar, B.: Wait a minute! a fast, cross-VM attack on AES. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 299\u2013319. Springer, Cham (2014). doi: 10.1007\/978-3-319-11379-1_15"},{"key":"1_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology \u2014 CRYPTO 1996","author":"PC Kocher","year":"1996","unstructured":"Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104\u2013113. Springer, Heidelberg (1996). doi: 10.1007\/3-540-68697-5_9"},{"key":"1_CR31","unstructured":"Lipp, M., Gruss, D., Spreitzer, R., Maurice, C., Mangard, S.: ARMageddon: cache attacks on mobile devices. In: USENIX Security Symposium (2016)"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Liu, F., Ge, Q., Yarom, Y., Mckeen, F., Rozas, C., Heiser, G., Lee, R.B.: Catalyst: defeating last-level cache side channel attacks in cloud computing. In: IEEE International Symposium on High Performance Computer Architecture (HPCA 2016) (2016)","DOI":"10.1109\/HPCA.2016.7446082"},{"key":"1_CR33","doi-asserted-by":"crossref","unstructured":"Liu, F., Yarom, Y., Ge, Q., Heiser, G., Lee, R.B.: Last-level cache side-channel attacks are practical. In: S&P 2015 (2015)","DOI":"10.1109\/SP.2015.43"},{"key":"1_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1007\/978-3-319-26362-5_3","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"C Maurice","year":"2015","unstructured":"Maurice, C., Scouarnec, N., Neumann, C., Heen, O., Francillon, A.: Reverse engineering intel last-level cache complex addressing using performance counters. In: Bos, H., Monrose, F., Blanc, G. (eds.) RAID 2015. LNCS, vol. 9404, pp. 48\u201365. Springer, Cham (2015). doi: 10.1007\/978-3-319-26362-5_3"},{"key":"1_CR35","doi-asserted-by":"crossref","unstructured":"Maurice, C., Weber, M., Schwarz, M., Giner, L., Gruss, D., Boano, C.A., Mangard, S., R\u00f6mer, K.: Hello from the other side: SSH over robust cache covert channels in the cloud. In: NDSS 2017 (2017)","DOI":"10.14722\/ndss.2017.23294"},{"key":"1_CR36","unstructured":"Microsoft: Create a Docker environment in azure using the docker VM extension, October 2016. https:\/\/azure.microsoft.com\/en-us\/documentation\/articles\/virtual-machines-linux-dockerextension\/"},{"key":"1_CR37","doi-asserted-by":"crossref","unstructured":"Moghimi, A., Irazoqui, G., Eisenbarth, T.: CacheZoom: how SGX amplifies the power of cache attacks. arXiv preprint arXiv:1703.06986 (2017)","DOI":"10.1007\/978-3-319-66787-4_4"},{"key":"1_CR38","doi-asserted-by":"crossref","unstructured":"Oren, Y., Kemerlis, V.P., Sethumadhavan, S., Keromytis, A.D.: The spy in the sandbox: practical cache attacks in JavaScript and their implications. In: CCS 2015 (2015)","DOI":"10.1145\/2810103.2813708"},{"key":"1_CR39","doi-asserted-by":"crossref","unstructured":"Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: CT-RSA 2006 (2006)","DOI":"10.1007\/11605805_1"},{"key":"1_CR40","doi-asserted-by":"crossref","unstructured":"Payer, M.: HexPADS: a platform to detect \u201cstealth\u201d attacks. In: ESSoS 2016 (2016)","DOI":"10.1007\/978-3-319-30806-7_9"},{"key":"1_CR41","doi-asserted-by":"crossref","unstructured":"Pereida Garc\u00eda, C., Brumley, B.B., Yarom, Y.: Make sure DSA signing exponentiations really are constant-time. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (2016)","DOI":"10.1145\/2976749.2978420"},{"key":"1_CR42","unstructured":"Pessl, P., Gruss, D., Maurice, C., Schwarz, M., Mangard, S.: DRAMA: exploiting DRAM addressing for Cross-CPU attacks. In: USENIX Security Symposium (2016)"},{"key":"1_CR43","doi-asserted-by":"crossref","unstructured":"Raj, H., Nathuji, R., Singh, A., England, P.: Resource management for isolation enhanced cloud services. In: Proceedings of the 1st ACM Cloud Computing Security Workshop (CCSW 2009), pp. 77\u201384 (2009)","DOI":"10.1145\/1655008.1655019"},{"key":"1_CR44","unstructured":"Rutkowska, J.: Thoughts on Intel\u2019s upcoming Software Guard Extensions (Part 2) (2013). http:\/\/theinvisiblethings.blogspot.co.at\/2013\/09\/thoughts-on-intels-upcoming-software.html . Accessed 20 Oct 2016"},{"key":"1_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/978-3-662-48324-4_12","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2015","author":"W Schindler","year":"2015","unstructured":"Schindler, W.: Exclusive exponent blinding may not suffice to prevent timing attacks on RSA. In: G\u00fcneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 229\u2013247. Springer, Heidelberg (2015). doi: 10.1007\/978-3-662-48324-4_12"},{"key":"1_CR46","doi-asserted-by":"crossref","unstructured":"Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., Russinovich, M.: VC3: trustworthy data analytics in the cloud using SGX (2015)","DOI":"10.1109\/SP.2015.10"},{"key":"1_CR47","doi-asserted-by":"crossref","unstructured":"Sudhakar, M., Kamala, R.V., Srinivas, M.: A bit-sliced, scalable and unified montgomery multiplier architecture for RSA and ECC. In: 2007 IFIP International Conference on Very Large Scale Integration, pp. 252\u2013257 (2007)","DOI":"10.1109\/VLSISOC.2007.4402507"},{"key":"1_CR48","series-title":"Lecture Notes in Computer Science","volume-title":"Selected Areas in Cryptography","year":"2004","unstructured":"Matsui, M., Zuccherato, R.J. (eds.): SAC 2003. LNCS, vol. 3006. Springer, Heidelberg (2004)"},{"issue":"3\u20134","key":"1_CR49","doi-asserted-by":"crossref","first-page":"219","DOI":"10.3233\/JCS-1992-13-403","volume":"1","author":"JC Wray","year":"1992","unstructured":"Wray, J.C.: An analysis of covert timing channels. J. Comput. Secur. 1(3\u20134), 219\u2013232 (1992)","journal-title":"J. Comput. Secur."},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"Xu, Y., Cui, W., Peinado, M.: Controlled-channel attacks: deterministic side channels for untrusted operating systems. In: S&P 2015, May 2015","DOI":"10.1109\/SP.2015.45"},{"key":"1_CR51","unstructured":"Yarom, Y., Falkner, K.: Flush+Reload: a high resolution, low noise, L3 cache side-channel attack. In: USENIX Security Symposium (2014)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-60876-1_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,29]],"date-time":"2022-07-29T03:57:51Z","timestamp":1659067071000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-60876-1_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319608754","9783319608761"],"references-count":51,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-60876-1_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}