A cureted list of system papers using/about Intel SGX. I'll try to keep this list updated. I gladly accept PRs.
Title | Venue | |
---|---|---|
Using Innovative Instructions to Create Trustworthy Software Solutions | HASP@ISCA'13 | link |
Cooperation and Security Isolation of Library OSes for Multi-Process Applications | EuroSys'14 | link |
Shielding Applications from an Untrusted Cloud with Haven | TOCS'15 | link |
VC3: trustworthy data analytics in the cloud using SGX | S&P'15 | link |
Moat: Verifying Confidentiality of Enclave Programs | CCS'15 | link |
SCONE: Secure Linux Containers with Intel SGX | OSDI'16 | link |
Ryoan: a distributed sandbox for untrusted computation on secret data. | OSDI'16 | link |
SGX Support for Dynamic Memory Management Inside an Enclave | HASP'16 | link |
Secure Content-Based Routing Using Intel Software Guard Extensions | Middleware'16 | link |
SecureKeeper: Confidential ZooKeeper using Intel SGX | Middleware'16 | link |
AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves | ESORICS'16 | link |
Eleos: ExitLess OS Services for SGX Enclaves | EuroSys'17 | link |
SGXBounds: Memory Safety for Shielded Execution | EuroSys'17 | link |
Hybrids on Steroids: SGX-Based High Performance BFT | EuroSys'17 | link |
PANOPLY: Low-TCB Linux Applications with SGX Enclaves | NDSS'17 | link |
Teechan: Payment Channels Using Trusted Execution Environments | BITCOIN'17 | link |
SGXIO: Generic Trusted I/O Path for Intel SGX | CODASPY'17 | link |
TrustJS: Trusted Client-side Execution of JavaScript | EuroSec'17 | link |
SGX-Log: Securing System Logs With SGX | Asia CCS'17 | link |
Secure Live Migration of SGX Enclaves on Untrusted Cloud | DSN'17 | link |
Rollback and Forking Detection for Trusted Execution Environments using Lightweight Collective Memory | DSN'17 | link |
SecureStreams: Reactive Middleware for Secure Data Stream | DEBS'17 | link |
Regaining Lost Cycles with HotCalls: A Fast Interface for SGX Secure Enclaves | ISCA'17 | link |
Glamdring: Automatic Application Partitioning for Intel SGX | ATC'17 | link |
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing | Usenix Security'17 | link |
S-NFV: Securing NFV states by using SGX | CODASPY'17 | link |
Enhancing Security and Privacy of Tor's Ecosystem by Using Trusted Execution Environments | NSDI'17 | link |
Securing Data Analytics on SGX With Randomization | ESORICS'17 | link |
Software Grand Exposure: SGX Cache Attacks Are Practical | WooT'17 | link |
Komodo: Using verification to disentangle secure-enclave hardware from software | SOSP'17 | link |
POSTER: Rust SGX SDK: Towards Memory Safety in Intel SGX Enclave | CCS'17 | link |
Iron: Functional Encryption using Intel SGX | CCS'17 | link |
A Formal Foundation for Secure Remote Execution of Enclaves | CCS'17 | link |
SGX-Bomb: Locking Down the Processor via Rowhammer Attack | SysTEX'17 | link |
X-Search: Revisiting Private Web Search using Intel SGX | Middleware'17 | link |
SGXKernel: A Library Operating System Optimized for Intel SGX | CF'17 | link |
Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX | ATC'17 | link |
VAULT: Reducing Paging Overheads in SGX with Efficient Integrity Verification Structures | ASPLOS'18 | link |
STANlite - a database engine for secure data processing at rack-scale level | IC2E'18 | link |
EnclaveDB: A Secure Database using SGX | SP'18 | link |
Oblix: An Efficient Oblivious Search Index | S&P'18 | link |
ZeroTrace: Oblivious Memory Primitives from Intel SGX | NDSS'18 | link |
OBLIVIATE: A Data Oblivious Filesystem for Intel SGX | NDSS'18 | link |
EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution | DSN'18 | link |
LibSEAL: Revealing Service Integrity Violations Using Trusted Execution | EuroSys'18 | link |
PESOS: Policy Enhanced Secure Object Store | EuroSys'18 | link |
Migrating SGX Enclaves with Persistent State | DSN'18 | link |
SafeBricks: Shielding Network Functions in the Cloud | NSDI'18 | link |
ShieldBox: Secure Middleboxes using Shielded Execution | SOSR'18 | link |
CYCLOSA: Decentralizing Private Web Search Through SGX-Based Browser Extensions | ICDCS'18 | link |
SGX-Aware Container Orchestration for Heterogeneous Clusters | ICDCS'18 | link |
Varys: Protecting SGX enclaves from practical side-channel attacks | ATC'18 | link |
Security, Performance and Energy Trade-offs of Hardware-assisted Memory Protection Mechanisms | SRDS'18 | link |
PubSub-SGX: exploiting Trusted Execution Environments for privacy-preserving publish/subscribe systems | SRDS'18 | link |
sgx-perf: A Performance Analysis Tool for Intel SGX Enclaves | Middleware'18 | link |
EActors: Fast and flexible trusted computing using SGX | Middleware'18 | link |
DelegaTEE: Brokered Delegation Using Trusted Execution Environments | USENIX Security'18 | link |
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution | USENIX Security'18 | link |
A Practical Intel SGX Setting for Linux Containers in the Cloud | CODASPY'19 | link |
Everything you should know about Intel SGX performance on virtualized systems | SIGMETRICS'19 | link |
ShieldStore: Shielded In-memory Key-value Storage with SGX | EuroSys'19 | link |
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware | ICLR'19 | link |
OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX | NDSS‘19 | link |
Trust more, serverless | SysTor'19 | link |
Clemmys: Towards Secure Remote Execution in FaaS | SysTor'19 | link |
Using Trusted Execution Environments for Secure Stream Processing of Medical Data | DAIS'19 | link |
Unpublished, tech-reports, or open-access:
Title | |
---|---|
Intel SGX Explained | link |
A Blockchain Based on Gossip? – a Position Paper | link |
Proof of Luck: an Efficient Blockchain Consensus Protocol | link |
Malware Guard Extension: Using SGX to Conceal Cache Attacks | link |
Blockchain and Trusted Computing: Problems, Pitfalls, and a Solution for Hyperledger Fabric | link |
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization | link |
SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution | link |
PROXIMITEE: Hardened SGX Attestation and Trusted Path through Proximity Verification | link |
ObliDB: Oblivious Query Processing using Hardware Enclaves | link |
Practical Enclave Malware with Intel SGX | link |
Secure Network Interface with SGX | link |