{"id":"https://openalex.org/W2996753292","doi":"https://doi.org/10.13154/tches.v2020.i1.321-347","title":"Bluethunder: A 2-level Directional Predictor Based Side-Channel Attack against SGX","display_name":"Bluethunder: A 2-level Directional Predictor Based Side-Channel Attack against SGX","publication_year":2019,"publication_date":"2019-11-19","ids":{"openalex":"https://openalex.org/W2996753292","doi":"https://doi.org/10.13154/tches.v2020.i1.321-347","mag":"2996753292"},"language":"en","primary_location":{"id":"pmh:oai:doaj.org/article:34eabc83705e4ab5910b652180bd2a07","is_oa":true,"landing_page_url":"https://doaj.org/article/34eabc83705e4ab5910b652180bd2a07","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2020, Iss 1 (2019)","raw_type":"article"},"type":"article","indexed_in":["datacite","doaj"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doaj.org/article/34eabc83705e4ab5910b652180bd2a07","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055848285","display_name":"Tianlin Huo","orcid":null},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Huo, Tianlin","raw_affiliation_strings":["University of Chinese Academy of Sciences; Institute of Software, CAS"],"affiliations":[{"raw_affiliation_string":"University of Chinese Academy of Sciences; Institute of Software, CAS","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067943861","display_name":"Xiaoni Meng","orcid":"https://orcid.org/0000-0002-7993-1865"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Meng, Xiaoni","raw_affiliation_strings":["University of Chinese Academy of Sciences; Institute of Software, CAS"],"affiliations":[{"raw_affiliation_string":"University of Chinese Academy of Sciences; Institute of Software, CAS","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100390305","display_name":"Wenhao Wang","orcid":"https://orcid.org/0000-0001-7294-2724"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wang, Wenhao","raw_affiliation_strings":["SKLOIS Institute of Information Engineering, CAS"],"affiliations":[{"raw_affiliation_string":"SKLOIS Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001887781","display_name":"Chunliang Hao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210162213","display_name":"China Electronics Standardization Institute","ror":"https://ror.org/05hxrpj87","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210162213","https://openalex.org/I890469752"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hao, Chunliang","raw_affiliation_strings":["China Electronics Standardization Institute"],"affiliations":[{"raw_affiliation_string":"China Electronics Standardization Institute","institution_ids":["https://openalex.org/I4210162213"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5105973509","display_name":"Pei Zhao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhao, Pei","raw_affiliation_strings":["Institute of Software, CAS"],"affiliations":[{"raw_affiliation_string":"Institute of Software, CAS","institution_ids":["https://openalex.org/I4210128818"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102346667","display_name":"Jian Zhai","orcid":null},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhai, Jian","raw_affiliation_strings":["Institute of Software, CAS"],"affiliations":[{"raw_affiliation_string":"Institute of Software, CAS","institution_ids":["https://openalex.org/I4210128818"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091468980","display_name":"Mingshu Li","orcid":"https://orcid.org/0000-0002-5129-6097"},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Li, Mingshu","raw_affiliation_strings":["Institute of Software, CAS"],"affiliations":[{"raw_affiliation_string":"Institute of Software, CAS","institution_ids":["https://openalex.org/I4210128818"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5055848285"],"corresponding_institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":1.7365,"has_fulltext":false,"cited_by_count":20,"citation_normalized_percentile":{"value":0.89032592,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.8164342641830444},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8111572265625},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6558557748794556},{"id":"https://openalex.org/keywords/guard","display_name":"Guard (computer science)","score":0.6319004893302917},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.44914960861206055},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.43434345722198486},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4282549023628235},{"id":"https://openalex.org/keywords/hypervisor","display_name":"Hypervisor","score":0.422887921333313},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3815651834011078},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3305058181285858},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.32053565979003906},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.2831653952598572},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.12886270880699158}],"concepts":[{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.8164342641830444},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8111572265625},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6558557748794556},{"id":"https://openalex.org/C141141315","wikidata":"https://www.wikidata.org/wiki/Q2379942","display_name":"Guard (computer science)","level":2,"score":0.6319004893302917},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.44914960861206055},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.43434345722198486},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4282549023628235},{"id":"https://openalex.org/C112904061","wikidata":"https://www.wikidata.org/wiki/Q1077480","display_name":"Hypervisor","level":4,"score":0.422887921333313},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3815651834011078},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3305058181285858},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.32053565979003906},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2831653952598572},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.12886270880699158},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:doaj.org/article:34eabc83705e4ab5910b652180bd2a07","is_oa":true,"landing_page_url":"https://doaj.org/article/34eabc83705e4ab5910b652180bd2a07","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2020, Iss 1 (2019)","raw_type":"article"},{"id":"doi:10.13154/tches.v2020.i1.321-347","is_oa":true,"landing_page_url":"https://doi.org/10.13154/tches.v2020.i1.321-347","pdf_url":null,"source":{"id":"https://openalex.org/S7407052971","display_name":"UB Bochum","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"pmh:oai:doaj.org/article:34eabc83705e4ab5910b652180bd2a07","is_oa":true,"landing_page_url":"https://doaj.org/article/34eabc83705e4ab5910b652180bd2a07","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2020, Iss 1 (2019)","raw_type":"article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.5099999904632568}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":1,"referenced_works":["https://openalex.org/W1560720671"],"related_works":["https://openalex.org/W2791034507","https://openalex.org/W2807459027","https://openalex.org/W2606774910","https://openalex.org/W2550858797","https://openalex.org/W2593994116","https://openalex.org/W2963311060","https://openalex.org/W2890914193","https://openalex.org/W2809372447","https://openalex.org/W2807403537","https://openalex.org/W2726246108","https://openalex.org/W2594560662","https://openalex.org/W2397423248","https://openalex.org/W2150620897","https://openalex.org/W3028997697","https://openalex.org/W2080672785","https://openalex.org/W3030183593","https://openalex.org/W2185430182","https://openalex.org/W2062736835","https://openalex.org/W3214700734","https://openalex.org/W2006977529"],"abstract_inverted_index":{"Software":[0],"Guard":[1],"Extension":[2],"(SGX)":[3],"is":[4,148],"a":[5,32,75,154,236],"hardware-based":[6],"trusted":[7],"execution":[8],"environment":[9,35],"(TEE)":[10],"implemented":[11],"in":[12,117,137,173,177,190,221,235],"recent":[13,43],"Intel":[14,179],"commodity":[15],"processors.":[16],"By":[17],"isolating":[18],"the":[19,96,113,118,133,141,145,158,169,174,178,184,211,222,228],"memory":[20],"of":[21,124,143,186],"security-critical":[22],"applications":[23],"from":[24],"untrusted":[25],"software,":[26],"this":[27,71],"mechanism":[28],"provides":[29],"users":[30],"with":[31,59,205,232],"strongly":[33],"shielded":[34],"called":[36],"enclave":[37,204],"for":[38],"executing":[39],"programs":[40],"safely.":[41],"However,":[42],"studies":[44],"have":[45,65],"demonstrated":[46],"that":[47,196],"SGX":[48,85,180],"enclaves":[49],"are":[50],"vulnerable":[51],"to":[52,57,103,131],"side-channel":[53,82],"attacks.":[54],"In":[55,70],"order":[56],"deal":[58],"these":[60],"attacks,":[61],"several":[62],"protection":[63,92],"techniques":[64,93],"been":[66],"studied":[67],"and":[68,94,182],"utilized.":[69],"paper,":[72],"we":[73,126],"explore":[74],"new":[76],"pattern":[77],"history":[78],"table":[79],"(PHT)":[80],"based":[81],"attack":[83,216],"against":[84],"named":[86],"Bluethunder,":[87],"which":[88,125,209],"can":[89,152,198,226],"bypass":[90],"existing":[91,104],"reveal":[95],"secret":[97],"information":[98,172,201],"inside":[99,202],"an":[100,128,138,203],"enclave.":[101,139],"Comparing":[102],"PHT-based":[105,213],"attacks":[106,163,194],"(such":[107],"as":[108],"Branchscope":[109],"[ERAG+18]),":[110],"Bluethunder":[111,151,197,225],"abuses":[112],"2-level":[114,146],"directional":[115],"predictor":[116,147],"branch":[119],"prediction":[120],"unit,":[121],"on":[122,164],"top":[123],"develop":[127],"exploitation":[129],"methodology":[130],"disclose":[132],"input-dependent":[134],"control":[135],"flow":[136],"Since":[140],"cost":[142],"training":[144,207],"pretty":[149],"low,":[150],"achieve":[153],"high":[155],"bandwidth":[156],"during":[157],"attack.":[159],"We":[160],"evaluate":[161],"our":[162],"two":[165],"case":[166],"studies:":[167],"extracting":[168],"format":[170],"string":[171],"vfprintf":[175],"function":[176],"SDK":[181],"attacking":[183],"implementation":[185],"RSA":[187,229],"decryption":[188],"algorithm":[189],"mbed":[191],"TLS.":[192],"Both":[193],"show":[195],"recover":[199,227],"fine-grained":[200],"low":[206],"overhead,":[208],"outperforms":[210],"latest":[212],"side":[214],"channel":[215],"(Branchscope)":[217],"by":[218],"52\u00d7.":[219],"Specifically,":[220],"second":[223],"attack,":[224],"private":[230],"key":[231],"96.76%":[233],"accuracy":[234],"single":[237],"run.":[238]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":5}],"updated_date":"2026-03-25T14:56:36.534964","created_date":"2025-10-10T00:00:00"}