In this talk, I will describe the details of the recent Foreshadow speculative execution attack. The first variant of Foreshadow breaks the SGX confidentiality guarantees, and enables us to circumvent the SGX remote attestation mechanism. Later, Intel's continued investigation revealed two other variants, with the most devastating one allowing a malicious Guest OS running in a virtual machine to access the host data. I will explain a few less known technical details and will discuss some non-technical implications of this attack.


Mark Silberstein is an assistant professor in the Electrical Engineering department at the Technion - Israel Institute of Technology. His main research focus has been on OS for accelerators, Smart I/O devices and other heterogeneous hardware, but recently drifted toward OS support for SGX (Eleos, Eurosys'17), protection of SGX enclaves against side channels (Varys, USENIX ATC'18) and speculative attacks on SGX (Foreshadow, USENIX Sec'18).