
"In the age of cloud computing, protections baked into chips from Intel, AMD, and others are essential for ensuring confidential data and sensitive operations can't be viewed or manipulated by attackers who manage to compromise servers running inside a data center. In many cases, these protections, which work by storing certain data and processes inside encrypted enclaves known as TEEs (Trusted Execution Enclaves), are essential for safeguarding secrets stored in the cloud by the likes of Signal Messenger and WhatsApp."
"Over the years, researchers have repeatedly broken the security and privacy promises that Intel and AMD have made about their respective protections. On Tuesday, researchers independently published two papers laying out separate attacks that further demonstrate the limitations of SGX and SEV-SNP. One attack, dubbed Battering RAM, defeats both protections and allows attackers to not only view encrypted data but also to actively manipulate it to introduce software backdoors or to corrupt data."
Chip-level protections such as Intel SGX and AMD SEV-SNP place sensitive data and operations inside encrypted TEEs to prevent cloud attackers from viewing or manipulating secrets. Two independently published attacks, Battering RAM and Wiretap, exploit deterministic encryption used by these TEEs. Both attacks employ an interposer placed between CPU silicon and memory to observe data traffic. Battering RAM enables active manipulation of encrypted memory to implant backdoors or corrupt data. Wiretap can passively decrypt SGX-protected data while remaining invisible. Deterministic encryption combined with physical access undermines both confidentiality and integrity guarantees of current TEEs.
Read at Ars Technica