Modern security technology in Intel processors ‘not watertight’ say Leuven academics

Created September 3, 2018

Intel has now released patches and updates to resolve the flaw in millions of processors.

Technology giant Intel has been including an innovative security method in its processors for a number of years. This method works as a vault for your personal data. However, researchers at KU Leuven (Leuven University, Netherlands) have shown that the system can, in fact, be hacked using the Foreshadow attack.

What’s more, they say, information processed in cloud systems also seems to be vulnerable to this kind of attack. Intel has announced that it will be releasing patches and updates to resolve the flaw in millions of processors.

Computer systems are made up of different layers, and every layer contains millions of lines of computer code. As this code is still written manually, the risk of errors is significant. If such an error occurs, the entire computer system is left vulnerable to attacks.

Viruses exploit such errors to gain access to sensitive or personal information on the computer, from holiday pictures and passwords to business secrets. In order to protect their processors against this kind of intrusion, IT company Intel introduced an innovative technology in 2015: Intel Software Guard eXtensions (Intel SGX). This technology creates isolated environments in the computer’s memory, so-called enclaves, where data and programmes can be used securely.

“If you look at a computer system as a skyscraper, the enclaves form a vault,” commented researcher Jo Van Bulck of the Informatics Section at KU Leuven. “Even when the building collapses the vault should still guard its secrets. You can put personal information, such as passwords or medical data, in this vault, but there are other possibilities as well. Streaming services such as Netflix, for example, can use enclaves for copyright protection: customers may look at films, but they cannot extract the data that would enable them to make an illegal copy of these films.”

Partnership with Technion

Until now, this technology seemed watertight, but KU Leuven researchers have discovered a breach. The attack they launched together with Technion – Israel Institute of Technology, University of Michigan and The University of Adelaide, called Foreshadow, shows that the content of the enclaves can be uncovered anyway.

“The attack uses speculative execution”, says researcher Raoul Strackx. “To be able to work quickly, a processor will make certain calculations in advance. If it becomes clear that the calculations retrieve information from an enclave in an unauthorised way, they are discarded. But this is where Intel SGX makes a mistake. Not all traces of the calculations are discarded, which allowed us to enter the enclave.” The computer scientists already notified Intel of this security risk earlier in 2018, ensuring the technology company had enough time to resolve the breach.

An analysis performed by Intel itself also revealed that the impact of Foreshadow is even greater than expected. Not only can this kind of attack enter the enclaves, it also compromises the security of cloud platforms, which play a crucial role in our IT infrastructure. On 14 August, Intel released an update to repair the flaw in millions of processors.

“Over the past years, researchers of KU Leuven have uncovered several important issues in our IT infrastructure”, commented Professor Frank Piessens of KU Leuven’s Department of Computer Science. “Our scientists discovered a major breach in the Wi-Fi security in October last year, for instance. In other words, this new successful attack is more than just a stroke of luck. That is why Intel Corporation has decided to support us in the coming years to help them in their search for solutions for cybersecurity.”


This article was written by Matthew Peach

Matthew Peach is a freelance technology journalist specialising in photonics and communications. He has previously worked for several business-to-business publishers, editing a range of high-tech magazines and websites.