Cache attacks are a class of side-channel attacks that have been used since 2005 to break implementations of cryptographic algorithms. They are not confined to cryptography, however: in any context where cache attacks apply, every piece of code that handles confidential data is potentially vulnerable. SGX is such a context, so all the code running in an enclave, not only its cryptographic code, must be made robust against such attacks. In this talk, we present a summary of cache attacks, of SGX, and of a toolkit of C functions designed to help with writing generic, non-crypto, constant-time code, that is, code whose control flow and memory access pattern do not depend on secret data.
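The abstract states the goal of such a toolkit without showing what generic constant-time C looks like. The block below is an added example written for this page; it is not the toolkit presented in the talk, nor code from BearSSL or NCC Group. It uses the conventional mask-based style: a leaky early-exit comparison and a leaky table lookup sit next to constant-time counterparts that compute the same function. All function names, the sample table and the stored tag are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* A mask is a uint32_t that is all-ones ("true") or all-zeros ("false").
 * Nothing prefixed ct_ branches on a secret or indexes memory with one, so
 * the instructions executed and the addresses touched are identical for
 * every secret value; that uniformity is what denies a cache attacker its signal. */

/* All-ones if x != 0: x | -x has its top bit set exactly when x is non-zero. */
static uint32_t ct_nonzero_mask(uint32_t x)
{
    return 0u - ((x | (0u - x)) >> 31);
}

/* All-ones if a == b. */
static uint32_t ct_eq_mask(uint32_t a, uint32_t b)
{
    return ~ct_nonzero_mask(a ^ b);
}

/* a if mask is all-ones, b if all-zeros: the constant-time "if". */
static uint32_t ct_select(uint32_t mask, uint32_t a, uint32_t b)
{
    return (a & mask) | (b & ~mask);
}

/* LEAKY: returns at the first mismatch, so the running time and the cache
 * lines touched reveal how many leading bytes of 'secret' were guessed. */
static int leaky_memeq(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (secret[i] != guess[i])
            return 0;
    return 1;
}

/* Constant-time: reads all n bytes, OR-accumulates the differences, and
 * folds the accumulator into 0/1 only at the end. */
static int ct_memeq(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint32_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint32_t)(a[i] ^ b[i]);
    return (int)(ct_eq_mask(acc, 0) & 1u);
}

/* LEAKY: the address loaded depends on the secret index, so the cache line
 * it fills (and the ones it evicts) tell a co-resident attacker which entry
 * was used; this is the access pattern that AES T-table attacks exploit. */
static uint8_t leaky_lookup(const uint8_t *table, size_t len, size_t idx)
{
    (void)len;
    return table[idx];
}

/* Constant-time: touches every entry and keeps the one whose index matches,
 * so the access pattern is the same for every idx (cost: O(len) per lookup). */
static uint8_t ct_lookup(const uint8_t *table, size_t len, size_t idx)
{
    uint32_t acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= (uint32_t)table[i] & ct_eq_mask((uint32_t)i, (uint32_t)idx);
    return (uint8_t)acc;
}

/* Constructed sample data for the demo; not taken from any real cipher. */
static const uint8_t sample_table[16] = {
    0x6, 0xb, 0x5, 0x4, 0x2, 0xe, 0x7, 0xa, 0x9, 0xd, 0xf, 0xc, 0x3, 0x1, 0x0, 0x8
};
static const uint8_t stored_tag[8] = { 0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04 };

/* The ct_ versions must compute exactly the same function as the leaky ones;
 * only the side-channel profile differs. Returns 1 if every probe agrees. */
static int ct_matches_leaky(void)
{
    for (size_t i = 0; i < sizeof sample_table; i++)
        if (ct_lookup(sample_table, sizeof sample_table, i) !=
            leaky_lookup(sample_table, sizeof sample_table, i))
            return 0;
    for (size_t k = 0; k <= sizeof stored_tag; k++) {
        uint8_t guess[sizeof stored_tag];
        memcpy(guess, stored_tag, sizeof guess);
        if (k < sizeof guess)
            guess[k] ^= 0xff;   /* mismatch at byte k; k == 8 leaves it equal */
        if (ct_memeq(stored_tag, guess, sizeof guess) !=
            leaky_memeq(stored_tag, guess, sizeof guess))
            return 0;
    }
    return 1;
}

int main(void)
{
    printf("table[5]=0x%02x select=%u memeq=%d agree=%d\n",
           ct_lookup(sample_table, sizeof sample_table, 5),
           ct_select(ct_eq_mask(3, 3), 9u, 3u),
           ct_memeq(stored_tag, stored_tag, sizeof stored_tag), ct_matches_leaky());
    return 0;
}
```

Two caveats a practitioner should keep in mind. First, the masks only guarantee uniform behaviour at the C level; an optimizing compiler may recognize `ct_select` or the accumulating loop and turn it back into a branch or an early exit, so the generated machine code has to be inspected (or the values routed through an assembly barrier). Second, the linear-scan lookup costs O(len) per access, which is acceptable for a small S-box but not for large tables, where a different layout of the data is needed rather than this primitive.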
Thomas Pornin Cryptographer and Researcher, NCC Group
Thomas Pornin is a cryptographer and researcher, doing cryptography consulting at NCC Group. He is the author of BearSSL, a secure and compact SSL/TLS library.