On Tue, 2017-12-12 at 15:07 +0100, Pavel Machek wrote: > On Sat 2017-11-25 21:29:17, Jarkko Sakkinen wrote: > > Intel(R) SGX is a set of CPU instructions that can be used by applications to > > set aside private regions of code and data. The code outside the enclave is > > disallowed to access the memory inside the enclave by the CPU access control. > > In a way you can think that SGX provides inverted sandbox. It protects the > > application from a malicious host. > > Would you list guarantees provided by SGX? > > For example, host can still observe timing of cachelines being > accessed by "protected" app, right? Can it also introduce bit flips? > > Pavel I'll give a more proper response to this now that all the reported major issues in the code have been fixed in v9. Yes, SGX is vulnerable to the L1 cacheline timing attacks. Jethro Beekman wrote a great summary about this on early March: https://jbeekman.nl/blog/2017/03/sgx-side-channel-attacks/ The counter measures are the same as without SGX. It really does not add or degrade security in this area. /Jarkko