- A $ 50 integraser can repeat encryption traffic and undermine the memory of the enclave, experts say
- Intel SGX and AMD SEV-SNP fall to reproduce manipulation
- Hardware level compensation favored scalability, leaving freshness and integrity without protection
Ku Leuven academics and the University of Birmingham have shown how a simple interpoator can undermine hardware protections of Intel and AMD processors.
The teams built and tested a cheap integer for less than $ 50 that feels physically between a CPU and the DDR4 memory modules.
They showed that with these economic components, an attacker can observe, alias and reproduce the encrypted memory traffic to undermine confidence enclaves designed to protect the confidential data in the cloud.
Deterministic encryption of rupture
The Intecoser is a small circuit placed on the memory signal route containing analog switches controlled by a microcontroller.
When turning these switches, the device can selectively redirect or the ground addresses and the command lines so that two different physical addresses point to the same DRAM cells.
Because both SGX and Sev-SNP use deterministic memory encryption that depends on text inputs without format and direction, the same text without format in the same direction always produces the same encrypted text.
Therefore, the attacker captures the encrypted text in an observed direction and then forces the processor to read from an alias direction.
This causes the deterministic encryption to produce a text without a valid deciphered format that is obsolete or the chosen attacker.
This repetition method allows arbitrary readings and deeds in the protected enclave memory in another way in systems where the encryption and semantics of the management allow these operations.
The researchers revealed two separate techniques, RAM and Wiretap, which exploit the deterministic encryption used in reliable execution environments.
In the case of the beating RAM, the method works with the protections of the Intel and AMD processor.
The researchers say it, “exposes the fundamental limits of scalable memory encryption designs currently used by Intel and AMD.”
“Ram […] It is able to introduce alias with dynamically memory in time of execution. As a result, the blow can avoid the verifications of alias of start -up time of Intel and AMD “.
The related Wiretap technique adopts a mapping approach that combines blocks of encrypted text observed at probable values of angry text, which allows the partial reconstruction of secrets used during cryptographic operations and the eventual recovery of certification keys.
Wiretap is based on the construction of a dictionary of encrypted text to known for the values that occur algorithms such as ECDSA.
Then coincide with sequences encrypted against that dictionary until sufficient values are recovered to rebuild the keys.
While Wiretap is more intensive in the team than the RAM prototype of Batir, demonstrates passive deciphering threats that do not require active manipulation.
Because both attacks point to DDR4 signage and depend on deterministic encryption, systems used DDR5 or TDX that avoid deterministic schemes are less vulnerable to these exact methods.
The researchers emphasized that vulnerability comes from a deliberate choice of engineering where determinism and scalability about freshness and integrity were prioritized.
Both Intel and AMD maintain their confidence enclaves are not designed to resist physical attacks, emphasizing their protections focused on commitments at the software level, not on scenarios in which the attackers install hardware between the CPU and memory.
However, the fact that such attacks require only a cheap processor integer raises questions about the practicality of excluding them from the threat model.
The problem solution probably requires hardware changes, such as adopting probabilistic encryption or adding integrity and freshness to memory encryption.
These approaches are more difficult to climb in large memory spaces, which explains why the deterministic designs were chosen.
Until more resistant designs arrive, organizations that use confidential tasks enclaves must recognize that their strongest defenses can fail against attackers with modest resources and physical access.
Through Arstechnica
Keep PakGazette on Google News and Add us as a preferred source To get our news, reviews and opinion of experts in their feeds. Be sure to click on the Force button!
And of course you can also Keep PakGazette in Tiktok For news, reviews, video deciphes and get regular updates from us in WhatsApp also.
You may also like
