This course teaches learners how to implement malware inside Intel SGX to stealthily steal Bitcoins. The course covers topics such as using SGX to implement Bitcoin wallets, cache attacks, prime and rope techniques, physical address manipulation, sidechain resistant crypto, DRM video player exploitation, and more. The teaching method involves a presentation that demonstrates practical implementation and detection evasion techniques. This course is intended for individuals interested in cybersecurity, cryptography, and advanced exploitation techniques.
When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
Overview
Syllabus
Outline
Introduction to SGX
Using SGX to implement Bitcoin wallets
Bitcoins Signatures
Cache Attacks
Prime and Rope
How does this work
Not that easy
Building the time
Physical address
Physical page
Addresses
Summary
Results
Performance Counter
Solution
Operating System
Hardware
Sidechain resistant crypto
DRM video player
Stealing Bitcoins
The Problem
Validity Period
Double Fetch Back
Shared Memory
Double Fetch Detection
Video Player Exploit
Double Fetches
Atomic Fetches
TFX
How it works
Dropit
Code
Advantages
Takeaways
Out of Scope
Conclusion
Taught by
Black Hat
