Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Rollback open file at Protected File System Library

Benny_F_
Beginner
‎09-18-2019 08:51 AM
469 Views

Hello all,

currently, I use the Intel Protected File System Library for my research and I have a question regarding its security guarantees. I already checked the description in the Developer Reference and the following blog post, but my question is not answered.

The question in short: once a file is opened, can an attacker swap the file content?

More details:
According to the reference, the library does not protect against swapping of files with the same name, as only the name is checked. Therefore, it is clear that an attacker can perform a rollback attack, i.e., if a file with the name xyz was updated, an attacker can afterwards replace the updated version with the old one and the library would not notice it. 
The important aspect of my question is if swapping is possible if the file is already open. An example scenario: the enclave opens a file, reads the first 4kB chunk of the file, then does some other operations, and finally reads another 4kB chunk. Can the enclave be sure that an attacker did not rollback the file between the two chunk reads? 

I consider this protection possible, as the enclave only has to cache the metadata node (referenced in the blog post)  on a file open and use the cached version for all reads. However, I do not know if this is done.

Thank you and best regards
Benny

 


 

 

0 Kudos

Link Copied

1 Reply
Tian__Tate
Beginner
‎09-18-2019 10:28 PM
469 Views

Hi Benny, 

I think it has been done.

Check out the definition of `class protected_fs_file`, which represents an opened SGX-protected file. The class has a field named `meta_data_encrypted_t encrypted_part_plain`. This field contains the root hash of the merkle hash tree that protects a SGX-protected file. See definition of `meta_data_encrypted_t` is here. So the root hash is always kept in memory while the SGX-protected file is opened. So swapping part of the hash tree is not possible.

Tate

 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.