Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Question about Monotonic Counter on hard-disk-clone-replay attack

chaoshun_z_

Hi,

Currently I am working on Monotonic Counter. From "Intel SGX SDK Developer Reference for Windows OS.pdf", I noticed that Monotonic Counter can defend against replay attacks by comparing the saved previous counter value and the current value of the Monotonic Counter.

However, it seems the Monotonic Counter value exists in non-volatile memory or sealed data. In this way, it seems Monotonic Counter can't defend against a hard-disk-clone-replay attack. By "hard-disk-clone-replay attack", I mean that in Enterprise Rights Management (ERM) type usages, the attacker first clones the disk (including sealed data, since it is also on the disk) and then replaces the disk once the attacker has reached the max-time to read the protected secret document.

Does Monotonic Counter help under this kind of attack? I think the key question is whether we can save information in the CPU even after reboot or not.

Thank you,
Chao

Raoul

The value of the monotonic counter is stored in the management engine (ME), not the hard disk drive. It is thus not affected by hard disk clone attacks.

You may also be interested in this paper that offers some stronger security guarantees:

https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_strackx.pdf

(full disclosure: this is my work :) )
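
The freshness check this answer relies on, as an added example that is not part of the original thread or of the SGX SDK: a C simulation in which `hw_counter` stands in for the ME-backed monotonic counter and `sealed_state_t` for the sealed blob on disk. All names are hypothetical, and sealing (confidentiality and integrity of the blob) is assumed rather than implemented.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed simulation: no SGX hardware or SDK calls are used. */
enum { READ_OK = 0, ERR_REPLAY = -1, ERR_EXHAUSTED = -2 };

/* Stand-in for the ME-backed monotonic counter: it lives outside the disk,
   so cloning or restoring the disk never changes it. */
static uint32_t hw_counter;

/* Stand-in for the sealed blob on disk. Only freshness is modelled here. */
typedef struct {
    uint32_t mc_snapshot;  /* counter value when the blob was written */
    uint32_t reads_left;   /* ERM policy: remaining permitted reads */
} sealed_state_t;

void provision(sealed_state_t *disk, uint32_t max_reads) {
    disk->mc_snapshot = hw_counter;
    disk->reads_left = max_reads;
}

int read_document(sealed_state_t *disk) {
    /* Freshness check: a stale blob carries an old counter snapshot. */
    if (disk->mc_snapshot != hw_counter) return ERR_REPLAY;
    if (disk->reads_left == 0) return ERR_EXHAUSTED;
    /* Advance the counter, then persist the new state bound to it. */
    hw_counter++;
    disk->mc_snapshot = hw_counter;
    disk->reads_left--;
    return READ_OK;
}

/* Clone the disk, use up the quota, restore the clone, try again. */
int clone_replay_result(void) {
    sealed_state_t disk, clone;
    hw_counter = 0;
    provision(&disk, 2);
    clone = disk;                  /* full disk image taken here */
    read_document(&disk);
    read_document(&disk);          /* quota is now used up */
    disk = clone;                  /* old image put back */
    return read_document(&disk);   /* counter is 2, snapshot is 0 */
}

int main(void) {
    printf("read after restoring the clone: %d\n", clone_replay_result());
    return 0;
}
```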

chaoshun_z_

@Raoul Thank you, that's really helpful. I am reading your paper, cool stuff!
