Sigy: Breaking Intel SGX Enclaves with Malicious Exceptions & Signals
OPEN ACCESS
Loading...
Author / Producer
Date
2025
Publication Type
Conference Paper
ETH Bibliography
yes
Citations
Scopus:
Altmetric
OPEN ACCESS
Data
Rights / License
Abstract
User programs recover from hardware exceptions and respond to signals by executing custom handlers that they register specifically for such events. We present Sigy attack, which abuses this programming model on Intel SGX to break the confidentiality and integrity guarantees of enclaves. Sigy uses the untrusted OS to deliver fake hardware events and injects fake signals in an enclave at any point. Such unintended execution of benign program-defined handlers in an enclave corrupts its state and violates execution integrity. 7 runtimes and library OSes (OpenEnclave, Gramine, Scone, Asylo, Teaclave, Occlum, EnclaveOS) are vulnerable to Sigy. 8 languages supported in Intel SGX have programming constructs that are vulnerable to Sigy. We use Sigy to demonstrate 4 proof of concept exploits on webservers (Nginx, Node.js) to leak secrets and data analytics workloads in different languages (C and Java) to break execution integrity.
Permanent link
Publication status
published
External links
Editor
Book title
ASIA CCS '25: Proceedings of the 20th ACM Asia Conference on Computer and Communications Security
Journal / series
Volume
Pages / Article No.
1643 - 1658
Publisher
Association for Computing Machinery
Event
20th ACM Asia Conference on Computer and Communications Security (ASIA CSS 2025)
Edition / version
Methods
Software
Geographic location
Date collected
Date created
Subject
TEE; Intel SGX; Exception; Signal; Interrupt handling
Organisational unit
09730 - Shinde, Shweta Shivaji / Shinde, Shweta Shivaji