Home

Awesome

sgx-papers

A curated list of system papers using/about Intel SGX. I'll try to keep this list updated. I gladly accept PRs.

Do you use or are you familiar with Intel SGX? If yes, we’d appreciate you could fill in this anonymous survey, it takes less than 60 seconds https://forms.gle/HdHqXiBdRp98CU6y7

TitleVenuePDF
Using Innovative Instructions to Create Trustworthy Software SolutionsHASP@ISCA'13link
Cooperation and Security Isolation of Library OSes for Multi-Process ApplicationsEuroSys'14link
Shielding Applications from an Untrusted Cloud with HavenTOCS'15link
VC3: trustworthy data analytics in the cloud using SGXS&P'15link
Moat: Verifying Confidentiality of Enclave ProgramsCCS'15link
Applying the Trustworthy Remote Entity to Privacy-Preserving Multiparty Computation: Requirements and Criteria for Large-Scale ApplicationsATC'16link
Exploring the use of Intel SGX for Secure Many-Party ApplicationsSysTEX'16link
SCONE: Secure Linux Containers with Intel SGXOSDI'16link
Ryoan: a distributed sandbox for untrusted computation on secret data.OSDI'16link
SGX Support for Dynamic Memory Management Inside an EnclaveHASP'16link
Secure Content-Based Routing Using Intel Software Guard ExtensionsMiddleware'16link
SecureKeeper: Confidential ZooKeeper using Intel SGXMiddleware'16link
AsyncShock: Exploiting Synchronisation Bugs in Intel SGX EnclavesESORICS'16link
Eleos: ExitLess OS Services for SGX EnclavesEuroSys'17link
SGXBounds: Memory Safety for Shielded ExecutionEuroSys'17link
Hybrids on Steroids: SGX-Based High Performance BFTEuroSys'17link
PANOPLY: Low-TCB Linux Applications with SGX EnclavesNDSS'17link
Teechan: Payment Channels Using Trusted Execution EnvironmentsBITCOIN'17link
SGXIO: Generic Trusted I/O Path for Intel SGXCODASPY'17link
TrustJS: Trusted Client-side Execution of JavaScriptEuroSec'17link
SGX-Log: Securing System Logs With SGXAsia CCS'17link
Secure Live Migration of SGX Enclaves on Untrusted CloudDSN'17link
Rollback and Forking Detection for Trusted Execution Environments using Lightweight Collective MemoryDSN'17link
SecureStreams: Reactive Middleware for Secure Data StreamDEBS'17link
Regaining Lost Cycles with HotCalls: A Fast Interface for SGX Secure EnclavesISCA'17link
Glamdring: Automatic Application Partitioning for Intel SGXATC'17link
Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch ShadowingUsenix Security'17link
S-NFV: Securing NFV states by using SGXCODASPY'17link
Enhancing Security and Privacy of Tor's Ecosystem by Using Trusted Execution EnvironmentsNSDI'17link
Securing Data Analytics on SGX With RandomizationESORICS'17link
Software Grand Exposure: SGX Cache Attacks Are PracticalWooT'17link
Komodo: Using verification to disentangle secure-enclave hardware from softwareSOSP'17link
POSTER: Rust SGX SDK: Towards Memory Safety in Intel SGX EnclaveCCS'17link
Iron: Functional Encryption using Intel SGXCCS'17link
A Formal Foundation for Secure Remote Execution of EnclavesCCS'17link
SGX-Bomb: Locking Down the Processor via Rowhammer AttackSysTEX'17link
X-Search: Revisiting Private Web Search using Intel SGXMiddleware'17link
Cache Attacks on Intel SGXEuroSec'17link
SGXKernel: A Library Operating System Optimized for Intel SGXCF'17link
Graphene-SGX: A Practical Library OS for Unmodified Applications on SGXATC'17link
HardIDX: Practical and Secure Index with SGXDBSec'17link
Opaque: An Oblivious and Encrypted Distributed Analytics PlatformNSDI'17link
VAULT: Reducing Paging Overheads in SGX with Efficient Integrity Verification StructuresASPLOS'18link
STANlite - a database engine for secure data processing at rack-scale levelIC2E'18link
EnclaveDB: A Secure Database using SGXSP'18link
Oblix: An Efficient Oblivious Search IndexS&P'18link
ZeroTrace: Oblivious Memory Primitives from Intel SGXNDSS'18link
OBLIVIATE: A Data Oblivious Filesystem for Intel SGXNDSS'18link
EndBox: Scalable Middlebox Functions Using Client-Side Trusted ExecutionDSN'18link
Troxy: Transparent Access to Byzantine Fault-Tolerant SystemsDSN'18link
LibSEAL: Revealing Service Integrity Violations Using Trusted ExecutionEuroSys'18link
PESOS: Policy Enhanced Secure Object StoreEuroSys'18link
Bring the Missing Jigsaw Back: TrustedClock for SGX EnclavesEuroSec'18link
Migrating SGX Enclaves with Persistent StateDSN'18link
SafeBricks: Shielding Network Functions in the CloudNSDI'18link
ShieldBox: Secure Middleboxes using Shielded ExecutionSOSR'18link
CYCLOSA: Decentralizing Private Web Search Through SGX-Based Browser ExtensionsICDCS'18link
SGX-Aware Container Orchestration for Heterogeneous ClustersICDCS'18link
Varys: Protecting SGX enclaves from practical side-channel attacksATC'18link
Mitigating Branch-Shadowing Attacks on Intel SGX using Control Flow RandomizationSysTEX'18link
Security, Performance and Energy Trade-offs of Hardware-assisted Memory Protection MechanismsSRDS'18link
PubSub-SGX: exploiting Trusted Execution Environments for privacy-preserving publish/subscribe systemsSRDS'18link
sgx-perf: A Performance Analysis Tool for Intel SGX EnclavesMiddleware'18link
EActors: Fast and flexible trusted computing using SGXMiddleware'18link
DelegaTEE: Brokered Delegation Using Trusted Execution EnvironmentsUSENIX Security'18link
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order ExecutionUSENIX Security'18link
Achieving Data Dissemination with Security using FIWARE and Intel Software Guard Extensions (SGX)ISCC'18link
Scaling Intel® Software Guard Extensions Applications with Intel® SGX CardHASP@ISCA'19link
A Practical Intel SGX Setting for Linux Containers in the CloudCODASPY'19link
Careful-Packing: A Practical and Scalable Anti-Tampering Software Protection enforced by Trusted ComputingCODASPY'19link
Everything you should know about Intel SGX performance on virtualized systemsSIGMETRICS'19link
ShieldStore: Shielded In-memory Key-value Storage with SGXEuroSys'19link
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted HardwareICLR'19link
OBFUSCURO: A Commodity Obfuscation Engine on Intel SGXNDSS‘19link
Trust more, serverlessSysTor'19link
Clemmys: Towards Secure Remote Execution in FaaSSysTor'19link
Using Trusted Execution Environments for Secure Stream Processing of Medical DataDAIS'19link
A Hybrid Approach to Secure Function Evaluation using SGXAsiaCCS'19link
Secured Routines: Language-based Construction of Trusted Execution EnvironmentsATC'19link
NeXUS: Practical and Secure Access Control on Untrusted Storage Platforms using Client-Side SGXDSN'19link
Forward and Backward Private Searchable Encryption with SGXEuroSec'19link
TEE-Perf: A Profiler for Trusted Execution EnvironmentsDSN'19link
SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative ExecutionEuroS&P'19link
Managing confidentiality leaks through private algorithms on Software Guard eXtensions (SGX) enclaves: Minimised TCB on secret-code execution with Early Private Mode (EPM)EURASIP Journal on Information Securitylink
BITE: Bitcoin Lightweight Client Privacy using Trusted ExecutionSEC'19link
Towards Memory Safe Enclave Programming with Rust-SGXCCS'19link
A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding RuntimesCCS'19link
OPERA: Open Remote Attestation for Intel’s Secure EnclavesCCS'19link
LightBox: Full-stack Protected Stateful Middlebox at Lightning SpeedCCS'19link
BLOXY: Providing Transparent and Generic BFT-Based Ordering Services for BlockchainsSRDS'19link
AccTEE: A WebAssembly-based Two-way Sandbox for Trusted Resource AccountingMiddleware'19link
EnclaveCache: A Secure and Scalable Key-value Cache in Multi-tenant Clouds using Intel SGXMiddleware'19link
PrivaTube: Privacy-Preserving Edge-Assisted Video StreamingMiddleware'19link
Teechain: a secure payment network with asynchronous blockchain accessSOSP'19link
Plundervolt: Software-based Fault Injection Attacks against Intel SGXOakland '20link
ObliDB: Oblivious Query Processing using Secure EnclavesVLDB'19link
CoSMIX: A Compiler-based System for Secure Memory Instrumentation and Execution in EnclavesUSENIX ATC'19link
Computation on Encrypted Data using Dataflow AuthenticationPETS'20link
Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted ExecutionNDSS'20link
COIN Attacks: On Insecurity of Enclave Untrusted Interfaces in SGXASPLOS'20link
Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGXASPLOS'20link
MPTEE: Bringing Flexible and Efficient Memory Protection to Intel SGXEuroSys'20link
Autarky: Closing controlled channels with self-paging enclavesEuroSys'20link
Trust management as a service: Enabling trusted execution in the face of Byzantine stakeholdersDSN'20link
SeGShare: Secure Group File Sharing in the Cloud using EnclavesDSN'20link
Civet: An Efficient Java Partitioning Framework for Hardware EnclavesSEC'20link
BesFS: A POSIX Filesystem for Enclaves with a Mechanized Safety ProofSEC'20link
TEEMon: A continuous performance monitoring framework for TEEsMiddleware'20link
secureTF: A Secure TensorFlow FrameworkMiddleware'20link
Vessels: Efficient and Scalable Deep Learning Prediction on Trusted ProcessorsSoCC'20link
PROXIMITEE: Hardened SGX Attestation and Trusted Path through Proximity VerificationCODASPY'20link
Towards Formalization of Enhanced Privacy ID (EPID)-based Remote Attestation in Intel SGXDSD'20link
Formal Foundations for Intel SGX Data Center Attestation PrimitivesICFEM'20link
EnclavePDP: A General Framework to Verify Data Integrity in Cloud Using Intel SGXRAID'20link
TRUSTORE: Side-Channel Resistant Storage for SGX using Intel Hybrid CPU-FPGACCS'20link
Spons & Shields: Practical Isolation for Trusted ExecutionVEE'21link
Aria: Tolerating Skewed Workloads in Secure In-memory Key-value StoresICDE'21link
TWINE: An Embedded Trusted Runtime for WebAssemblyICDE'21link
CHANCEL: Efficient Multi-client Isolation Under Adversarial ProgramsNDSS'21link
VoltPillager: Hardware-based fault injection attacks against Intel SGX Enclaves using the SVID voltage scaling interfaceUSENIX Security'21link
SGXoMeter: Open and Modular Benchmarking for Intel SGXEuroSec'21link
Building enclave-native storage engines for practical encrypted databasesVLDB'21link
MigSGX: A Migration Mechanism for Containers Including SGX ApplicationsUCC'21link
Accelerating Encrypted Deduplication via SGXUSENIX ATC'21link
SGX-Stream: A Secure Stream Analytics Framework In SGX-enabled Edge CloudJISA'23link
SGX Switchless Calls Made ConfiglessDSN'23link
HasTEE: Programming Trusted Execution Environments with HaskellHaskell'23link

Do you use or are you familiar with Intel SGX? If yes, we’d appreciate you could fill in this anonymous survey, it takes less than 60 seconds https://forms.gle/HdHqXiBdRp98CU6y7

Unpublished, tech-reports, or open-access:

TitlePDF
Intel SGX Explainedlink
A Blockchain Based on Gossip? – a Position Paperlink
Proof of Luck: an Efficient Blockchain Consensus Protocollink
Malware Guard Extension: Using SGX to Conceal Cache Attackslink
Blockchain and Trusted Computing: Problems, Pitfalls, and a Solution for Hyperledger Fabriclink
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomizationlink
Practical Enclave Malware with Intel SGXlink
Secure Network Interface with SGXlink
TaLoS: Secure and Transparent TLS Termination inside SGX Enclaveslink
Practical Enclave Malware with Intel SGXlink
EncDBDB: Searchable Encrypted, Fast, Compressed, In-Memory Database using Enclaveslink
HardIDX: Practical and Secure Index with SGXlink
SGAxe: How SGX Fails in Practicelink
Secure ProcessorsPart 1, Part 2
Edgar: Offloading Function Execution to the Ultimate Edgelink