GitBook: [master] 23 pages and 24 assets modified

Author: sangfansh

.gitbook/assets/aesm.png

@@ -0,0 +1,33 @@
+---
+layout: page
+title: SGX 101
+sidebar_sort_order: 1
+description: The very first place to study Intel SGX.
+---
+
+# Home
+
+## [SSLab](sslab.md)
+
+SSLab represents the [Systems Software & Security Lab](https://gts3.org/) from Georgia Institute of Technology led by [Prof. Taesoo Kim](https://taesoo.kim/).
+
+We have been actively working on SGX related research. These research projects can be broadly classified into three different categories: System Design, Defense, and Attack.
+
+* Please take a look at our achievements on Attacks and Defenses for Intel SGX \(download link blow\). Demo videos can be viewed under [SGX Bootstrap/CCS17 Tutorial](sgx-bootstrap/ccs17-tutorial.md).
+
+{% file src=".gitbook/assets/security-issues.pdf" caption="Attacks and Defenses for Intel SGX" %}
+
+## [SGX Bootstrap](sgx-bootstrap/)
+
+This is the very place to learn building your first application with Intel SGX in mind.
+
+## [SGX Security](sgx-security/)
+
+Intel SGX is not as secure as we thought.
+
+## [Other Resources](resources.md)
+
+Here you can look up various resources related to Intel SGX for reference.
+
+## [About Us](about-us.md)
+

.gitbook/assets/aesm.socket.png

@@ -0,0 +1,25 @@
+# Table of contents
+
+* [Home](README.md)
+* [SSLab](sslab.md)
+* [SGX Bootstrap](sgx-bootstrap/README.md)
+  * [Overview](sgx-bootstrap/overview.md)
+  * [Enclave](sgx-bootstrap/enclave/README.md)
+    * [Communication between Architectural and Application Enclaves](sgx-bootstrap/enclave/interaction-between-pse-and-application-enclaves.md)
+  * [Attestation](sgx-bootstrap/attestation/README.md)
+    * [Inter-process Local Attestation](sgx-bootstrap/attestation/inter-process-local-attestation.md)
+  * [Sealing](sgx-bootstrap/sealing.md)
+  * [Real-world Example](sgx-bootstrap/real-world-example.md)
+  * [CCS'17 Tutorial](sgx-bootstrap/ccs17-tutorial.md)
+  * [Technion'18 Summer School Program](sgx-bootstrap/technion18-summer-school-program.md)
+* [SGX Security](sgx-security/README.md)
+  * [Memory Corruption](sgx-security/memory-corruption.md)
+  * [Uninitialized Memory](sgx-security/uninitialized-memory.md)
+  * [Page-table-based Attacks](sgx-security/page-table-based-attack.md)
+  * [Cache Attacks](sgx-security/cache-attack.md)
+  * [Branch Shadowing](sgx-security/branch-shadowing.md)
+  * [Row Hammer Attacks](sgx-security/row-hammer-attack.md)
+  * [Speculative Execution Side Channels](sgx-security/speculative-side-channels.md)
+* [Other Resources](resources.md)
+* [About Us](about-us.md)
+

.gitbook/assets/aesm_position.png

@@ -0,0 +1,21 @@
+---
+layout: page
+title: About Us
+sidebar_link: true
+sidebar_sort_order: 5
+---
+
+# About Us
+
+## Systems Software & Security Lab
+
+We build practical systems with focuses on security, performance, robustness, or often just for fun. Our research projects have been published in top academic conferences, and have made great impacts on real programs, such as Firefox, Android, and the Linux kernel, that you might be using every day. If you are interested in hacking with us, please drop us an email via [[email protected]](mailto:[email protected]).
+
+## Location
+
+Klaus Advanced Computing Building, 266 Ferst Dr NW, Atlanta GA 30332-0765 [\(map\)](http://goo.gl/maps/1gbI8)
+
+## More
+
+For more information, please visit [gts3.org](https://gts3.org/).
+

.gitbook/assets/attestation.png

@@ -0,0 +1,47 @@
+---
+layout: page
+title: Resources
+sidebar_link: true
+sidebar_sort_order: 4
+description: A collection of study resources related to Intel SGX technology.
+---
+
+# Other Resources
+
+## From Intel
+
+* [SGX developer guide from Intel](https://software.intel.com/en-us/documentation/sgx-developer-guide).
+* [This](http://tce.webee.eedev.technion.ac.il/wp-content/uploads/sites/8/2015/10/SGX-for-Technion-TCE.pdf) is a comprehensive introduction of SGX presented by Dror Caspi from Intel in Israel Institute of Technology.
+* [Introducing the Intel® Software Guard Extensions Tutorial Series](https://software.intel.com/en-us/articles/introducing-the-intel-software-guard-extensions-tutorial-series) is a set of tutorial blogs provided by Intel, which is focused on developing SGX applications for Windows platform.
+* [This blog form Intel](https://software.intel.com/en-us/blogs/2016/06/10/overview-of-intel-software-guard-extensions-instructions-and-data-structures) provides the overview of the instructions and data structures used in SGX. It's useful as a reference for technical terms.
+* [This blog from Intel](https://software.intel.com/en-us/articles/code-sample-intel-software-guard-extensions-remote-attestation-end-to-end-example) explains the Remote Attestation code example provided by Intel. Note that the code example from SGX SDK does not include the actual provisioning process with Intel Attestation Service.
+* [Innovative Technology for CPU Based Attestation and Sealing](https://software.intel.com/en-us/articles/innovative-technology-for-cpu-based-attestation-and-sealing) is the initial white paper for the attestation and sealing techniques now offered by SGX.
+* [Attestation Service for Intel® Software Guard Extensions \(Intel® SGX\): API Documentation](https://software.intel.com/sites/default/files/managed/7e/3b/ias-api-spec.pdf) provides the reference on how to interact with Intel Attestation Service using RESTful API.
+* [Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities](https://eprint.iacr.org/2007/194.pdf) is the initial paper from Intel that proposes Enhanced Privacy ID, the anonymous attestation scheme that is adopted by Intel Attestation Service.
+* [Integrating Remote Attestation with Transport Layer Security](https://arxiv.org/pdf/1801.05863.pdf) introcudes how to use remote attestation to achieve a TLS connection.
+* [This blog from Intel](https://eprint.iacr.org/2016/086.pdf) introduces the primitives associated with SGX sealing process. [More details](https://software.intel.com/en-us/node/702997) are also available from SGX developer guide.
+
+## From Others
+
+* [Intel SGX Explained](https://eprint.iacr.org/2016/086.pdf) is a comprehensive introduction to the technology, including the architecture background and the implementation. A must-have.
+* [Trust is in the Keys of the Beholder: Extending SGX Autonomy and Anonymity](https://www.idc.ac.il/en/schools/cs/research/Documents/jackson-msc-thesis.pdf) is the dissertation for MS degree by Alon Jackson. It offers an extensive description of the SGX ecosystem and evaluations of SGX security guarentees.
+* [SGX Secure Enclaves in Practice](https://www.blackhat.com/docs/us-16/materials/us-16-Aumasson-SGX-Secure-Enclaves-In-Practice-Security-And-Crypto-Review.pdf) is a review slides of the technology during BlackHat 2016. [This](https://github.com/kudelskisecurity/sgxfun/blob/master/paper/sgxpaper.md) is the corresponding review paper.
+* [Information Security – Theory vs. Reality](http://www.cs.tau.ac.il/~tromer/istvr1516-files/lecture10-trusted-platform-sgx.pdf) is another good intruduction slides from Tel Aviv University.
+* [Intel SGX Instructions in Enclave Initialization](https://insujang.github.io/2017-04-05/intel-sgx-instructions-in-enclave-initialization/) is a blog that explores and explains the implementation details of SGX enclave initialization very well.
+* [SGX attestation process](https://courses.cs.ut.ee/MTAT.07.022/2017_spring/uploads/Main/hiie-report-s16-17.pdf) is a report from University of Tartu that gives a good high level explanation of attestation process.
+* [Intel SGX Sealing](https://insujang.github.io/2017-10-09/intel-sgx-sealing/) is a blog that explains the details of SGX sealing process very well.
+
+## Papers
+
+Below are the best places to keep track of SGX related research papers for general purposes:
+
+* [SGX Reading List](http://ina.kaist.ac.kr/~dongsuh/SGXReadingList.html) A well categorized SGX reading list.
+* [An up-to-date list of system papers related to Intel SGX](https://github.com/vschiavoni/sgx-papers)
+
+## Useful
+
+Other useful recources:
+
+* [A list of hardwares that support Intel SGX](https://github.com/ayeks/SGX-hardware)
+* [Command-line tools to analyze SGX related binaries](https://github.com/kudelskisecurity/sgxfun)
+

.gitbook/assets/christof.pdf

@@ -0,0 +1,31 @@
+---
+layout: page
+title: SGX Bootstrap
+sidebar_link: true
+sidebar_sort_order: 3
+description: >-
+  This is the very place to learn building your first application with Intel SGX
+  in mind.
+---
+
+# SGX Bootstrap
+
+## Contents
+
+###     1. [Overview](overview.md)
+
+###     2. [Enclave](enclave/)
+
+###     3. [Attestation](attestation/)
+
+###     4. [Sealing](sealing.md)
+
+###     5. [Real-world Example](real-world-example.md)
+
+###     6. [Security Issues](../sgx-security/)
+
+## Bonus
+
+* A very good three-day security seminar from [Technion'18 summer school program](technion18-summer-school-program.md).
+* A must-read overall review of Intel SGX from CCS'17: [CCS17 Tutorial](ccs17-tutorial.md)
+