Academic Research
These Intel® Software Guard Extensions (Intel® SGX) papers are ordered by category and publication year.
Blockchain
FastKitten: Practical Smart Contracts on Bitcoin (USENIX 2019)
BITE: Bitcoin Lightweight Client Privacy Using Trusted Execution (USENIX 2019)
Teechain: Scalable Blockchain Payments Using Trusted Execution Environments | Code (arXiv 2018)
Private Data Objects: An Overview | Code (arXiv 2018)
Troxy: Transparent Access to Byzantine Fault-Tolerant Systems (Dependable Systems and Networks [DSN] 2018)
Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contract Execution (arXiv 2018)
ShadowEth: A Private Smart Contract on Public Blockchain (Journal of Computer Science & Technology 2018)
Identity Aging: Efficient Blockchain Consensus (arXiv 2018)
Paralysis Proofs: Safe Access-Structure Updates for Cryptocurrencies and More (Cryptology ePrint Archive 2018)
WAVE: A Decentralized Authorization System for IoT via Blockchain Smart Contracts (Berkeley 2017)
Tesseract: A Real-Time Cryptocurrency Exchange Using Trusted Hardware (Cryptology ePrint Archive 2017)
Solidus: Confidential Distributed Ledger Transactions via PVORM (CCS 2017)
REM: Resource-Efficient Mining for Blockchains (USENIX Security 2017)
Teechan: Payment Channels Using Trusted Execution Environments (arXiv 2017)
Scalable Byzantine Consensus via Hardware-assisted Secret Sharing (arXiv 2016)
Proof of Luck: An Efficient Blockchain Consensus Protocol | Code (SysTEX 2016)
Town Crier: An Authenticated Data Feed for Smart Contracts (ACM Conference on Computer and Communications Security [CCS] 2016)
Data Analytics in the Cloud
TensorSCONE: A Secure TensorFlow* Framework Using Intel SGX (arXiv 2019)
ObliDC: An SGX-based Oblivious Distributed Computing Framework with Formal Proof (ACM ASIA Conference on Computer and Communications Security [ACM ASIACCS] 2019)
Hardware-Supported Oblivious Random Access Machine (ORAM) in Effect: Practical Oblivious Search and Update on Very Large Dataset (Privacy Enhancing Technologies Symposium [PETS] 2019)
StealthDB: A Scalable Encrypted Database with Full SQL Query Support (PETS 2019)
ObliDB: An Efficient and Secure Cloud Database Using Hardware Enclaves (arXiv 2018)
DataBright: Towards a Global Exchange for Decentralized Data Ownership and Trusted Computation (arXiv 2018)
Chiron: Privacy-Preserving Machine Learning as a Service (arXiv 2018)
SafeBricks: Securing Network Functions in the Cloud (USENIX Symposium on Networked Systems Design and Implementation [NSDI] 2018)
EnclaveDB: A Secure Database Using Intel SGX (IEEE European Symposium on Security and Privacy [EuroS&P] 2018)
Oblix: An Efficient Oblivious Search Index (EuroS&P 2018)
LibSEAL: Revealing Service Integrity Violations Using Trusted Execution (European Conference on Computer Systems [EUROSYS] 2018)
Pesos: Policy Enhanced Secure Object Store (EUROSYS 2018)
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware (arXiv 2018)
Efficient Deep Learning on Multisource Private Data (arXiv 2018)
MLCapsule: Guarded Offline Deployment of Machine Learning as a Service (arXiv 2018)
MaskAI: Privacy-Preserving Masked Reads Alignment Using Intel SGX (Symposium on Reliable Distributed Systems [SRDS] 2018)
Opaque: An Oblivious and Encrypted Distributed Analytics Platform (NSDI 2017)
SecureCloud: Secure Big Data Processing in Untrusted Clouds (Design, Automation & Test in Europe Conference & Exhibition 2017)
The Circle Game: A Scalable Private Membership Test Using Trusted Hardware (Asia CCS 2017)
Secure Multiparty Computation from Intel SGX (International Conference on Financial Cryptography and Data Security 2017)
Glimmers: Resolving the Privacy and Trust Quagmire (Workshop on Hot Topics in Operating Systems [HotOS] 2017)
A Lightweight MapReduce Framework for Secure Processing with Intel SGX (International Workshop on Assured Cloud Computing [WACC] 2017)
Secure Data Analytics on Intel SGX with Randomization (European Symposium on Research in Computer Security [ESORICS] 2017)
Computation on Encrypted Data Using Data Flow Authentication (arXiv 2017)
Enclave-Based, Privacy-Preserving Alignment of Raw Genomic Information: Information Leakage and Countermeasures (SysTex 2017)
IRON: Functional Encryption Using Intel SGX (CCS 2017)
SGX-BigMatrix: A Practical Encrypted Data Analytic Framework with Trusted Processors (CCS 2017)
VC3: Trustworthy Data Analytics in the Cloud (EuroS&P 2015)
Hardening Enclaves
A Trusted Clock for Intel SGX Enclaves (EuroSec 2018)
The Guard's Dilemma: Efficient Code-Reuse Attacks Against Intel SGX (USENIX Security Symposium 2018)
SGXCrypter: Intellectual Property (IP) Protection for Portable Executables Using Intel SGX Technology | Code (Asia and South Pacific Design Automation Conference [ASP-DAC] 2017)
SGX-Shield: Enabling Address Space Layout Randomization for Intel SGX Programs | Code (Network and Distributed System Security Symposium [NDSS] 2017)
SGXBounds: Memory Safety for Shielded Execution | Code (EUROSYS 2017)
TrustJS: A Trusted Client-Side Execution of JavaScript* (EuroSec 2017)
Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge (EuroS&P 2017)
EnGarde: Mutually-Trusted Inspection of Intel SGX Enclaves (International Conference on Distributed Computing Systems [ICDCS] 2017)
Glamdring: Automatic Application Partitioning for Intel SGX (ATC 2017)
ROTE: Rollback Protection for Trusted Execution (USENIX Security Symposium 2017)
A Compiler and Verifier for Page Access Oblivious Computation (European Software Engineering Conference and Symposium on the Foundations of Software Engineering [ESEC/FSE] 2017)
Challenges for Scaling Applications Across Enclaves (SysTex 2017)
Harden Intel SGX Applications: Balancing Concerns (SysTex 2017)
Strongly Secure and Efficient Data Shuffle on Hardware Enclaves (SysTex 2017)
A Formal Foundation for Secure Remote Execution of Enclaves (CCS 2017)
JITGuard: Hardening Just-in-Time Compilers with Intel SGX (CCS 2017)
Towards Safe Enclaves (HotSpot 2016)
Foundations of Hardware-Based Attested Computation and the Application to Intel SGX (IEEE European Symposium on Security and Privacy [EuroS&P] 2016)
A Design and Verification Methodology for Secure Isolated Regions (Programming Language Design and Implementation [PDLI] 2016)
Towards Management of Chains of Trust for Multi-Clouds with Intel SGX (Second Workshop on Security in Clouds 2016)
Ariadne: A Minimal Approach to State Continuity (USENIX Security Symposium 2016)
Trusted Code Execution on Untrusted Platform Using Intel SGX (Virus Bulletin 2016)
Build Critical Applications Using Microservices (IEEE Security and Privacy 2016)
Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data (OSDI 2016)
Develop Secure Intel SGX Enclaves: New Challenges on the Horizon (SysTex 2016)
Moat: Verifying Confidentiality Properties of Enclave Programs (CCS 2015)
Networking
ConsenSGX: Scaling Anonymous Communications Networks with Trusted Execution Environments | Code (PETS 2019)
Instruction Set Architecture (ISA)-Based Trusted Network Functions and Server Applications in the Untrusted Cloud (arXiv 2018)
Secure and Privacy-Aware Data Dissemination for Cloud-Based Applications (arXiv 2018)
ShieldBox: Secure Middleboxes Using Shielded Execution (Symposium on SDN Research [SOSR] 2018)
ENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution (DSN 2018)
Trusted Click: Overcoming Security Issues of Network Function Virtualization (NFV) in the Cloud (Security in Software Defined Networks & Network Function Virtualization [SDN NFV Security] 2017)
Opaque: An Oblivious and Encrypted Distributed Analytics Platform (NSDI 2017)
TaLoS: Secure and Transparent Transport Layer Security (TLS) Termination Inside Intel SGX Enclaves | Code (2017)
LightBox: Assisted Secure Network Functions at Near-Native Speed (arXiv 2017)
SGX-Box: Enabling Visibility on Encrypted Traffic Using a Secure Middlebox Module (Asia-Pacific Workshop on Networking [APNet] 2017)
Slick: Secure Middleboxes Using Shielded Execution (arXiv 2017)
And Then There Were More: Secure Communication for More Than Two Parties (Conference on Emerging Networking Experiments and Technologies [CoNEXT] 2017)
S-NFV: Securing NFV States by Using Intel SGX (SDN NFV Security 2016)
Fast, Scalable, and Secure Onloading of Edge Functions Using AirBox (ACM Symposium on Edge Computing [ACM SEC] 2016)
A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications (HotNets 2015)
Other Enclave Papers
Intel SGX Remote Attestation Is Not Sufficient (BlackHat 2017)
Hack in Darkness: Return-Oriented Programming Against Secure Enclaves (USENIX Security Symposium 2017)
Another Flip in the Wall of Rowhammer Defenses (arXiv 2017)
Leaking Uninitialized Secure Enclave Memory via Structure Padding (arXiv 2017)
SGX-Bomb: Locking Down the Processor via a Rowhammer Attack (SysTex 2017)
AsyncShock: Exploiting Synchronization Bugs in Intel SGX Enclaves (ESORICS 2016)
Avoid Leakage and Synchronization Attacks Through Enclave-Side Preemption Control (SysTex 2016)
Other Intel SGX® Uses
OBFSCURO: A Commodity Obfuscation Engine on Intel SGX | Code (NDSS 2019)
Fidelius: Protecting User Secrets from Compromised Browsers | Code (IEEE Symposium on Security and Privacy [SP] 2019)
Enable Strong Database Integrity Using Trusted Execution Environments (arXiv 2018)
Snort Intrusion Detection System with Intel SGX | Code (arXiv 2018)
Aurora: Providing Trusted System Services for Enclaves on an Untrusted System (arXiv 2018)
Keys in the Clouds: Auditable Multidevice Access to Cryptographic Credentials | Code (arXiv 2018)
SafeKeeper: Protecting Web Passwords Using Trusted Execution Environments | Code (World Wide Web [WWW] Conference 2018)
IBBE-SGX: Cryptographic Group Access Control Using Trusted Execution Environments (DSN 2018)
Migrate Intel SGX Enclaves with Persistent State | Code
CYCLOSA: Decentralizing Private Web Search Through Browser Extensions Based on Intel SGX (ICDCS 2018)
Container Orchestration for Heterogeneous Clusters That's Aware of Intel SGX | Code (ICDCS 2018)
Se-Lambda: Securing Privacy-Sensitive Serverless Applications Using an Intel SGX Enclave (Security and Privacy in Communication Systems [SecureComm] 2018)
PubSub-SGX: Exploiting Trusted Execution Environments for Privacy-Preserving Publish and Subscribe Systems (SRDS 2018)
Intel SGX Enforcement of Use-Based Privacy (Workshop on Privacy in the Electronic Society [WPES] 2018)
Robust Synchronous Peer-to-Peer (P2P) Primitives Using Intel SGX Enclaves (Cryptology ePrint Archive 2017)
HardIDX: A Practical and Secure Index with Intel SGX (arXiv 2017)
SGX-Log: Securing System Logs with Intel SGX (Asia Conference on Computer and Communications Security [Asia CCS] 2017)
Hybrids on Steroids: High-Performance Byzantine Fault Tolerance (BFT) Based on Intel SGX (EUROSYS 2017)
LibSEAL: Detecting Service Integrity Violations Using Trusted Execution (EUROSYS 2017)
Trust Is in the Keys of the Beholder: Extending Intel SGX Autonomy and Anonymity (MS Thesis, Interdisciplinary Center, Herzliya 2017)
Glimmers: Resolving the Privacy and Trust Quagmire (HotOS 2017)
PrIXP: Preserving the Privacy of Routing Policies at Internet Exchange Points (IFIP/IEEE IM 2017)
Leverage Intel SGX to Create a Nondisclosure Cryptographic Library (arXiv 2017)
Rollback and Forking Detection for Trusted Execution Environments Using Lightweight Collective Memory (arXiv 2017)
Secure Cloud Micro Services Using Intel SGX (Distributed Applications and Interoperable Systems [DAIS] 2017)
Regain Lost Cycles with HotCalls: A Fast Interface for Intel SGX Secure Enclaves (International Symposium on Computer Architecture [ISCA] 2017)
Establish Mutually Trusted Channels for Remote Sensing Devices with Trusted Execution Environments (International Conference on Availability, Reliability, and Security [ARES] 2017)
Protect Web Passwords from Rogue Servers Using Trusted Execution Environments (arXiv 2017)
Scotch: Combining Intel SGX and System Management Mode to Monitor Cloud Resource Usage (RAID 2017)
Scale Databases Using Trusted Hardware Proxies (SysTex 2017)
X-Search: Revisiting Private Web Search Using Intel SGX (Middleware 2017)
Intel SGX Enabled Key Manager Service with OpenStack* Barbican | Code (arXiv 2017)
A Cloud-Based Secure Logger for Medical Devices (Connected Health: Applications, Systems, and Engineering Technologies [CHASE] 2017)
A Case for Protecting Computer Games with Intel SGX (SysTex 2016)
Isolate Operating System Components with Intel SGX (SysTex 2016)
Mitigate Password Database Breaches with Intel SGX (SysTex 2016)
Overhead-Free I/O from Enclaves (SysTex 2016)
Protect Password Databases Using Trusted Hardware (SysTex 2016)
Secure Content-Based Routing Using Intel SGX (International Middleware Conference 2016)
SecureKeeper: Confidential ZooKeeper Using Intel SGX | Code (International Middleware Conference 2016)
Run Applications in Enclaves
eMotion: An Intel SGX Extension for Migrating Enclaves (Computers & Security 2019)
A Practical Intel SGX Setting for Linux* Containers in the Cloud (Conference on Data and Application Security and Privacy [CODASPY] 2019)
ReplicaTEE: Enabling Seamless Replication of Intel SGX Enclaves in the Cloud (EuroS&P 2019)
Secured Routines: Language-Based Construction of Trusted Execution Environments | Code (ATC 2019)
Integrate Remote Attestation with Transport Layer Security | Code (arXiv 2018)
DelegaTEE: Brokered Delegation Using Trusted Execution Environments (Cryptology ePrint Archive 2018)
Aurora: Providing Trusted System Services for Enclaves on an Untrusted System (arXiv 2018)
SGXElide: Enabling Enclave Code Secrecy via Self Modification | Code (International Symposium on Code Generation and Optimization [CGO] 2018)
The Secure Machine: Efficient Secure Execution on Untrusted Platforms (Technion 2018)
VAULT: Reducing Paging Overheads in Intel SGX with Efficient Integrity Verification Structures (ASPLOS 2018)
IMIX: In-Process Memory Isolation Extension (USENIX Security Symposium 2018)
S-FaaS: Trustworthy and Accountable Function-as-a-Service Using Intel SGX (arXiv 2018)
Secure Compute-VM: Secure Big Data Processing with Intel SGX and Compute Accelerators (SysTex 2018)
Switchless Calls Made Practical in Intel SGX | Code (SysTex 2018)
TEEshift: Protecting Code Confidentiality by Selectively Shifting Functions into Trusted Execution Environments (TEE) (SysTex 2018)
Sgx-perf: A Performance Analysis Tool for Intel SGX Enclaves | Code (Middleware 2018)
EActors: Fast and Flexible Trusted Computing Using Intel SGX | Code (Middleware 2018)
Panoply: Low Trusted Computing Base (TCB) Linux Applications with Intel SGX Enclaves | Code (NDSS 2017)
Eleos: ExitLess Operating System Services for Intel SGX Enclaves | Code (EUROSYS 2017)
SGXKernel: A Library Operating System Optimized for Intel SGX (Computing Frontiers Conference 2017)
SecureStreams: A Reactive Middleware Framework for Secure Data Stream Processing (ACM International Conference on Distributed and Event-Based Systems [DEBS] 2017)
Secure Live Migration of Intel SGX Enclaves on an Untrusted Cloud (DSN 2017)
Secure Tera-Scale Data Crunching with a Small TCB (DSN 2017)
Graphene-SGX: A Practical Library Operating System for Unmodified Applications on Intel SGX | Code (ATC 2017)
DynSGX: A Privacy-Preserving Toolset for Dynamically Loading Functions into Intel SGX Enclaves (CloudCom 2017)
SCONE: Secure Linux Containers with Intel SGX (OSDI 2016)
Shield Applications from an Untrusted Cloud with Haven (Transactions on Computer Systems [TOCS] 2015)
Side-Channel Attacks & Defenses
SgxPectre Attacks: Leaking Enclave Secrets via Speculative Execution (arXiv 2018)
BranchScope: A New Side-Channel Attack on Directional Branch Predictor (ASPLOS 2018)
MemJam: A False Dependency Attack Against Constant-Time Crypto Implementations (CT-RSA 2018)
CacheQuote: Efficiently Recovering Long-Term Secrets of Intel SGX EPID via Cache Attacks (TCHES 2018)
Single Trace Attack Against RSA Key Generation in Intel SGX SSL (ATC 2018)
Off-Limits: Abusing Legacy x86 Memory Segmentation to Spy on Enclaved Execution (ESSoS 2018)
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution (USENIX Security Symposium 2018)
Mitigate Branch-Shadowing Attacks on Intel SGX Using Control Flow Randomization | Code (SysTex 2018)
On the Detectability of Control Flow Using Memory Access Patterns (SysTex 2018)
Software Grand Exposure: Intel SGX Cache Attacks Are Practical (arXiv 2017)
CacheZoom: How SGX Amplifies the Power of Cache Attacks (CHES 2017)
Cache Attacks on Intel SGX (EuroSec 2017)
Malware Guard Extension: Using Intel SGX to Conceal Cache Attacks (DIMVA 2017)
High-Resolution Side Channels for Untrusted Operating Systems (ATC 2017)
Infer Fine-Grained Control Flow Inside SGX Enclaves with Branch Shadowing (USENIX Security Symposium 2017)
Tell Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution | Code (USENIX Security Symposium 2017)
SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control (SysTex 2017)
Understand Memory Side-Channel Hazards in Intel SGX (CCS 2017)
Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems (Symposium on Security and Privacy 2015)
OBLIVIATE: A Data-Oblivious File System for Intel SGX (NDSS 2018)
ZeroTrace: Oblivious Memory Primitives from Intel SGX (NDSS 2018)
VARYS: Protecting Intel SGX Enclaves from Practical Side-Channel Attacks (ATC 2018)
Mitigate Branch-Shadowing Attacks on Intel SGX Using Control Flow Randomization | Code (arXiv 2018)
Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic (CCS 2018)
T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs (NDSS 2017)
Detect Privileged Side-Channel Attacks in Shielded Execution with Déjà Vu (Asia CCS 2017)
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory (USENIX Security Symposium 2017)
SGX-LAPD: Thwarting Controlled Side Channel Attacks via Enclave Verifiable Page Faults (RAID 2017)
DR.SGX: Hardening Intel SGX Enclaves Against Cache Attacks with Data Location Randomization (arXiv 2017)
The Pyramid Scheme: Oblivious RAM for Trusted Processors (arXiv 2017)
Prevent Page Faults from Telling Your Secrets (Asia Conference on Computer and Communications Security [Asia CCS] 2016)
InvisiPage: Oblivious Demand Paging for Secure Enclaves (ISCA 2019)
MicroScope: Enabling Microarchitectural Replay Attacks (ISCA 2019)
Steal Intel Secrets from Intel SGX Enclaves via Speculative Execution (Euro S&P 2019)
Theory of Operation
Run Language Interpreters Inside Intel SGX: A Lightweight, Legacy-Compatible Script Code Hardening Approach (Asia CCS 2019)
Everything You Should Know About Intel SGX Performance on Virtualized Systems (ACM SIGMETRICS 2019)
Trusted Execution and the Impact of Security on Performance (SysTex 2018)
Formal Abstractions for Attested Execution Secure Processors (EuroCrypt 2017)
Hardware is the New Software (HotOS 2017)
Secure Processors Part I: Background, Taxonomy for Secure Enclaves, and Intel SGX Architecture (Now Publishers 2017)
Secure Processors Part II: Intel SGX Security Analysis and MIT Sanctum Architecture (Now Publishers 2017)
S-OpenSGX: A System-Level Platform for Exploring Intel SGX Enclave-Based Computing (Computers & Security 2017)
Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software | Code (Symposium on Operating Systems Principles [SOSP] 2017) Intel SGX Explained (Cryptology ePrint Archive 2016)
OpenSGX: An Open Platform for Intel SGX Research | Code (NDSS 2016)
Trusted I/O
ProximiTEE: Hardened Intel SGX Attestation and Trusted Path through Proximity Verification (Cryptology ePrint Archive 2018)
SGXIO: Generic Trusted I/O Path for Intel SGX (CODASPY 2017)