The Real Menace of Cloning Attacks on SGX Applications

📅 2026-01-14
🤖 AI Summary
This study addresses the vulnerability of Intel SGX applications to forking (cloning) attacks, wherein multiple enclave instances on the same platform cannot be distinguished, thereby undermining security guarantees. For the first time, the authors conduct a large-scale empirical analysis of 72 SGX-based schemes, systematically evaluating their resilience against cloning attacks through a combination of trusted execution environment security modeling and concrete attack vectors. The investigation reveals that approximately 20% of the examined schemes—including some explicitly designed to defend against rollback attacks—remain susceptible to cloning vulnerabilities. These findings demonstrate that the threat of forking attacks has been persistently overlooked despite its widespread implications, highlighting significant gaps in current protection mechanisms and underscoring the urgent need for more robust defenses.

📝 Abstract
Trusted Execution Environments (TEEs) are gaining popularity as an effective means to provide confidentiality in the cloud. TEEs, such as Intel SGX, suffer from so-called rollback and cloning attacks (often referred to as forking attacks). Rollback attacks are enabled by the lack of freshness guarantees for sealed data; cloning attacks stem from the inability to determine if other instances of an enclave are running on the same platform. While rollback attacks have been extensively studied by the community, cloning attacks have been, unfortunately, less investigated. To address this gap, we extensively study and thoroughly analyze the susceptibility of 72 SGX-based proposals to cloning attacks. Our results show that roughly 20% of the analyzed proposals are insecure against cloning attacks, including those applications that rely on monotonic counters and are, therefore, secure against rollback attacks.

Problem

Research questions and friction points this paper is trying to address.

cloning attacks
SGX
Trusted Execution Environments
enclave
forking attacks

Innovation

Methods, ideas, or system contributions that make the work stand out.

cloning attacks
Intel SGX
Trusted Execution Environments
forking attacks
security analysis

Annika Wilde
Ruhr University Bochum
Samira Briongos
NEC Laboratories Europe
Claudio Soriente
NEC Labs
Security, privacy
Ghassan O. Karame
Ruhr University Bochum