"The findings come weeks after the release of two other attacks aimed at TEEs, such as Battering RAM and WireTap. Unlike these techniques that target systems using DDR4 memory, TEE.Fail is the first attack to be demonstrated against DDR5, meaning they can be used to undermine the latest hardware security protections from Intel and AMD. The latest study has found that the AES-XTS encryption mode used by Intel and AMD is deterministic and, therefore, not sufficient to prevent physical memory interposition attacks."
""This allows us for the first time to extract cryptographic keys from Intel TDX and AMD SEV-SNP with Ciphertext Hiding, including in some cases secret attestation keys from fully updated machines in trusted status," the researchers noted on an informational site. "Beyond breaking CPU-based TEEs, we also show how extracted attestation keys can be used to compromise Nvidia's GPU Confidential Computing, allowing attackers to run AI workloads without any TEE protections.""
An interposition side-channel attack can physically inspect DDR5 memory traffic using off-the-shelf equipment costing under $1,000. The attack enables extraction of cryptographic and attestation keys from CPU TEEs including Intel SGX/TDX and AMD SEV-SNP with Ciphertext Hiding. Extracted attestation keys can be used to undermine GPU confidential computing, permitting unprotected AI workloads. AES-XTS encryption mode used by Intel and AMD is deterministic and insufficient to stop memory interposition. The technique is demonstrated on DDR5, distinguishing it from earlier DDR4 attacks such as Battering RAM and WireTap, and can record reads and writes to enable key recovery.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]