{"id":"https://openalex.org/W4405170915","doi":"https://doi.org/10.1145/3658644.3690230","title":"TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX","display_name":"TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4405170915","doi":"https://doi.org/10.1145/3658644.3690230"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3690230","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690230","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690230","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690230","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076679616","display_name":"Luca Wilke","orcid":null},"institutions":[{"id":"https://openalex.org/I9341345","display_name":"University of L\u00fcbeck","ror":"https://ror.org/00t3r8h32","country_code":"DE","type":"education","lineage":["https://openalex.org/I9341345"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Luca Wilke","raw_affiliation_strings":["University of L\u00fcbeck, L\u00fcbeck, Germany"],"affiliations":[{"raw_affiliation_string":"University of L\u00fcbeck, L\u00fcbeck, Germany","institution_ids":["https://openalex.org/I9341345"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042420220","display_name":"Florian Sieck","orcid":"https://orcid.org/0000-0002-1501-0936"},"institutions":[{"id":"https://openalex.org/I9341345","display_name":"University of L\u00fcbeck","ror":"https://ror.org/00t3r8h32","country_code":"DE","type":"education","lineage":["https://openalex.org/I9341345"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Florian Sieck","raw_affiliation_strings":["University of L\u00fcbeck, L\u00fcbeck, Germany"],"affiliations":[{"raw_affiliation_string":"University of L\u00fcbeck, L\u00fcbeck, Germany","institution_ids":["https://openalex.org/I9341345"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5075079896","display_name":"Thomas Eisenbarth","orcid":"https://orcid.org/0000-0003-1116-6973"},"institutions":[{"id":"https://openalex.org/I9341345","display_name":"University of L\u00fcbeck","ror":"https://ror.org/00t3r8h32","country_code":"DE","type":"education","lineage":["https://openalex.org/I9341345"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Thomas Eisenbarth","raw_affiliation_strings":["University of L\u00fcbeck, L\u00fcbeck, Germany"],"affiliations":[{"raw_affiliation_string":"University of L\u00fcbeck, L\u00fcbeck, Germany","institution_ids":["https://openalex.org/I9341345"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5076679616"],"corresponding_institution_ids":["https://openalex.org/I9341345"],"apc_list":null,"apc_paid":null,"fwci":3.2733,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.93227797,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"79","last_page":"93"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9934999942779541,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9886000156402588,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7395247220993042},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.49850893020629883},{"id":"https://openalex.org/keywords/parallel-computing","display_name":"Parallel computing","score":0.4974344074726105}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7395247220993042},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.49850893020629883},{"id":"https://openalex.org/C173608175","wikidata":"https://www.wikidata.org/wiki/Q232661","display_name":"Parallel computing","level":1,"score":0.4974344074726105}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3658644.3690230","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690230","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690230","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3658644.3690230","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690230","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690230","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4405170915.pdf"},"referenced_works_count":25,"referenced_works":["https://openalex.org/W1485287820","https://openalex.org/W1520399166","https://openalex.org/W2061643296","https://openalex.org/W2150620897","https://openalex.org/W2606774910","https://openalex.org/W2616901112","https://openalex.org/W2769061097","https://openalex.org/W2795160257","https://openalex.org/W2885297972","https://openalex.org/W2890914193","https://openalex.org/W2897106820","https://openalex.org/W2976763854","https://openalex.org/W3015806656","https://openalex.org/W3016293720","https://openalex.org/W3020133545","https://openalex.org/W3096664316","https://openalex.org/W3098582260","https://openalex.org/W3100785504","https://openalex.org/W3103974952","https://openalex.org/W3112409568","https://openalex.org/W3153001680","https://openalex.org/W3214700734","https://openalex.org/W4233119454","https://openalex.org/W4288057728","https://openalex.org/W4308641902"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Trusted":[0,27],"Execution":[1,28],"Environments":[2,29],"are":[3,40],"a":[4,20,73,108,173,205,233,242,254],"promising":[5],"solution":[6],"for":[7,127],"solving":[8],"the":[9,51,57,64,68,100,119,128,133,140,153,158,166,177,182,191,195,201,220],"data":[10],"privacy":[11],"and":[12,78,125,216],"trust":[13],"issues":[14],"introduced":[15],"by":[16,56,151,200],"cloud":[17],"computing.":[18],"As":[19],"result,":[21],"all":[22],"major":[23],"CPU":[24],"vendors":[25],"integrated":[26],"(TEEs)":[30],"into":[31],"their":[32],"CPUs.":[33,228],"The":[34],"biggest":[35],"threat":[36],"to":[37,49,66,103,210,277,279],"TEE":[38,58,69],"security":[39,81,155],"side-channel":[41,79,189,245],"attacks,":[42,214],"of":[43,122,165,197,257],"which":[44,92,265],"single-stepping":[45,61,110,120,178,215,270],"attacks":[46,62],"turned":[47],"out":[48],"be":[50,144],"most":[52,221],"powerful":[53],"ones.":[54],"Enabled":[55],"attacker":[59,65],"model,":[60],"allow":[63],"execute":[67],"one":[70],"instruction":[71],"at":[72],"time,":[74,130],"enabling":[75,204],"numerous":[76],"controlled-":[77],"based":[80],"issues.":[82],"Intel":[83,86,123,223],"recently":[84],"launched":[85],"TDX,":[87],"its":[88,247],"second":[89],"generation":[90,250],"TEE,":[91],"protects":[93],"whole":[94],"virtual":[95],"machines":[96],"(VMs).":[97],"To":[98],"minimize":[99],"attack":[101,111,207,236],"surface":[102],"side-channels,":[104],"TDX":[105,124,154,224,278],"comes":[106],"with":[107,268],"dedicated":[109],"countermeasure.":[112],"In":[113],"this":[114],"paper,":[115],"we":[116,208,231,266,273],"systematically":[117],"analyze":[118],"countermeasure":[121,179],"show,":[126],"first":[129],"that":[131,180],"both,":[132],"built-in":[134],"detection":[135,167],"heuristic":[136],"as":[137,139,163,211],"well":[138],"prevention":[141,183,192],"mechanism,":[142],"can":[143],"circumvented.":[145],"We":[146,252],"reliably":[147],"single-step":[148],"TDX-protected":[149,202],"VMs":[150],"deluding":[152],"monitor":[156],"about":[157],"elapsed":[159],"processing":[160],"time":[161],"used":[162],"part":[164],"heuristic.":[168],"Moreover,":[169],"our":[170,269,281],"study":[171,256],"reveals":[172],"design":[174,275],"flaw":[175],"in":[176,246,263],"turns":[181],"mechanism":[184,193],"against":[185,237],"itself:":[186],"An":[187],"inherent":[188],"within":[190],"leaks":[194],"number":[196],"instructions":[198],"executed":[199],"VM,":[203],"novel":[206,234],"refer":[209],"StumbleStepping.":[212],"Both":[213],"StumbleStepping,":[217,230],"work":[218],"on":[219],"recent":[222],"enabled":[225],"Xeon":[226],"Scalable":[227],"Using":[229],"demonstrate":[232],"end-to-end":[235],"wolfSSL's":[238],"ECDSA":[239],"implementation,":[240],"exploiting":[241],"control":[243],"flow":[244],"truncation-based":[248],"nonce":[249],"algorithm.":[251],"provide":[253],"systematic":[255],"nonce-truncation":[258],"implementations,":[259],"revealing":[260],"similar":[261],"leakages":[262],"OpenSSL,":[264],"exploit":[267],"primitive.":[271],"Finally,":[272],"propose":[274],"changes":[276],"mitigate":[280],"attacks.":[282]},"counts_by_year":[{"year":2025,"cited_by_count":9}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}