The point of the enclave is so that you can have a provider operate the hardware without access to any unencrypted data. That's why they go through the trouble of encrypting the data on the wires in the first place. So it wouldn't be a physical intrusion of the building or access to the machine as they are operators and should have it. What they shouldn't have is access to unencrypted data.
I think I maybe wasn't clear: this attack, this breach of the encrypted flows between the CPUs and the enclave, THAT'S what depends on physical access. To intrude hardware, which exfiltrates state, which because of simplifying (speeding up) decisions, uses deterministic encoding for values, and so admits replay attack possibilities.
If you have access to the hardware to interpose a device in between the CPUs and the trusted execution hardware.
So unless I miss something it's not a remote exercise, it demands physical intrusion.
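A toy model of the point debated in the comments above, as an added example that is not part of the original thread: with deterministic encryption an old ciphertext for an address stays valid after the value changes, while a per-address version counter plus a MAC makes the stale copy fail verification. The key, the address, the XOR pad standing in for a real memory cipher, and the `FreshMemory` class are all constructed for illustration and model no specific product.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed sample key, not from the thread

def _pad(addr, version=0):
    # Toy keystream standing in for an address-tweaked memory cipher.
    msg = addr.to_bytes(8, "big") + version.to_bytes(8, "big")
    return hmac.new(KEY, msg, hashlib.sha256).digest()

def _xor(block, pad):
    return bytes(a ^ b for a, b in zip(block, pad))

def det_encrypt(addr, block):
    # Deterministic: output depends only on key, address and data.
    return _xor(block, _pad(addr))

det_decrypt = det_encrypt  # XOR is its own inverse

class FreshMemory:
    """Contrast case: per-address version counter in trusted state, plus a MAC."""
    def __init__(self):
        self.versions = {}  # assumed to live inside the trust boundary

    def _tag(self, addr, ct):
        ver = self.versions[addr].to_bytes(8, "big")
        msg = b"mac" + addr.to_bytes(8, "big") + ver + ct
        return hmac.new(KEY, msg, hashlib.sha256).digest()

    def write(self, addr, block):
        self.versions[addr] = self.versions.get(addr, 0) + 1
        ct = _xor(block, _pad(addr, self.versions[addr]))
        return ct, self._tag(addr, ct)

    def read(self, addr, ct, tag):
        if not hmac.compare_digest(tag, self._tag(addr, ct)):
            raise ValueError("stale or tampered ciphertext")
        return _xor(ct, _pad(addr, self.versions[addr]))

def demo():
    addr, old_pt, new_pt = 0x1000, b"balance=00000100", b"balance=00000000"
    old_ct = det_encrypt(addr, old_pt)
    repeats = det_encrypt(addr, old_pt) == old_ct  # equal writes look identical
    det_encrypt(addr, new_pt)                      # value is later overwritten
    replayed = det_decrypt(addr, old_ct)           # old ciphertext still decrypts
    mem = FreshMemory()
    stale = mem.write(addr, old_pt)
    current = mem.write(addr, new_pt)
    try:
        mem.read(addr, *stale)
        detected = False
    except ValueError:
        detected = True
    return repeats, replayed, detected, mem.read(addr, *current)
```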