
"We show how one can build a device to physically inspect all memory traffic inside a computer cheaply and easily, in environments with only basic electrical tools, and using equipment easily purchased on the internet," the researchers said. "Using our interposer device against SGX's attestation mechanism, we are able to extract an SGX secret attestation key from a machine in fully trusted status, thereby breaching SGX's security."

"Like the Battering RAM attack recently disclosed by KU Leuven and the University of Birmingham researchers, the newly devised method - codenamed WireTap - relies on an interposer that sits between the CPU and the memory module to observe the data that flows between them. The interposer can be installed by a threat actor either through a supply chain attack or physical compromise."
Intel SGX aims to protect enclave memory and CPU state even when the operating system is compromised. A physical interposer placed between the CPU and DDR4 memory can passively observe memory traffic using inexpensive, easily purchased tools. The technique, codenamed WireTap and similar to Battering RAM, relies on the memory encryption being deterministic (the same plaintext at the same address always produces the same ciphertext), which is what makes full key recovery against the Quoting Enclave (QE) possible. An extracted ECDSA attestation/signing key can sign arbitrary enclave reports, undermining both SGX attestation and the confidentiality it is meant to guarantee. The interposer can be introduced via supply-chain tampering or direct physical compromise, making this a practical hardware-based attack vector against SGX on DDR4.
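The summary above hinges on one property: deterministic memory encryption lets a passive observer on the memory bus recognise repeated plaintext by ciphertext equality alone, without ever decrypting anything. The following is an added illustration, not code from the article or from the WireTap researchers, and it does not model SGX's real cipher or any recovery steps. It uses a constructed toy tweakable block cipher (a 4-round Feistel network keyed with HMAC-SHA256, address used as the tweak) to contrast a deterministic scheme, where a bus observer who has learned one (address, ciphertext) pair can label every later write of the same value, with a scheme that folds a fresh per-write nonce into the tweak, where the same observer learns nothing from equality. All values, addresses and the sample secret are constructed for the demo.

```python
import hmac
import hashlib
import os

# Toy tweakable block cipher over 64-bit blocks: a 4-round Feistel network
# whose round function is HMAC-SHA256(key, tweak || round || half).
# Constructed for illustration only; it is not the cipher SGX uses and
# is not intended to be secure.
BLOCK_BYTES = 8


def _round(key: bytes, tweak: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, tweak + bytes([rnd]) + half, hashlib.sha256).digest()[:4]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key: bytes, tweak: bytes, plaintext: bytes) -> bytes:
    assert len(plaintext) == BLOCK_BYTES
    left, right = plaintext[:4], plaintext[4:]
    for rnd in range(4):
        left, right = right, _xor(left, _round(key, tweak, rnd, right))
    return left + right


def decrypt_block(key: bytes, tweak: bytes, ciphertext: bytes) -> bytes:
    left, right = ciphertext[:4], ciphertext[4:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _round(key, tweak, rnd, left)), left
    return left + right


def deterministic_write(key: bytes, addr: int, data: bytes) -> bytes:
    # Deterministic scheme: ciphertext depends only on key, address and data,
    # so rewriting the same value at the same address repeats the ciphertext.
    return encrypt_block(key, addr.to_bytes(8, "big"), data)


def randomized_write(key: bytes, addr: int, data: bytes) -> tuple:
    # Randomized scheme (hypothetical): a fresh nonce is folded into the tweak
    # and stored alongside the block, so equal plaintexts no longer collide.
    nonce = os.urandom(8)
    return nonce, encrypt_block(key, addr.to_bytes(8, "big") + nonce, data)


def observer_recognizes(traffic: list, known: dict) -> int:
    """Passive bus observer model: 'traffic' is the list of (addr, ciphertext)
    pairs it sees; 'known' maps (addr, ciphertext) -> plaintext it learned
    earlier from writes whose content was predictable. Returns how many of the
    observed writes it can label purely by ciphertext equality."""
    return sum(1 for entry in traffic if entry in known)


def simulate(randomized: bool, n_writes: int = 64) -> int:
    """Run the observer against n_writes rewrites of one constructed secret
    value at one constructed address. Returns the number of writes the
    observer could label."""
    key = os.urandom(32)
    addr = 0x1000                                   # constructed address
    secret = b"\x13\x37\xc0\xde\xde\xad\xbe\xef"    # constructed sample value

    # Phase 1: the observer learns what ciphertext this value produced once
    # (e.g. from a write whose content it could predict).
    if randomized:
        _, c = randomized_write(key, addr, secret)
    else:
        c = deterministic_write(key, addr, secret)
    known = {(addr, c): secret}

    # Phase 2: the same value is rewritten; the observer only watches the bus.
    traffic = []
    for _ in range(n_writes):
        if randomized:
            _, c = randomized_write(key, addr, secret)
        else:
            c = deterministic_write(key, addr, secret)
        traffic.append((addr, c))
    return observer_recognizes(traffic, known)


if __name__ == "__main__":
    print("deterministic: observer labelled", simulate(False), "of 64 writes")
    print("randomized:    observer labelled", simulate(True), "of 64 writes")
```

With the deterministic scheme every rewrite is labelled (64 of 64); with the nonce-based scheme the count is 0, since a 64-bit nonce collision across 65 writes is negligible. The design point for defenders is that confidentiality of the memory image is not enough: an encryption scheme that leaks equality on the bus gives a physical interposer a foothold even though it never sees a key or a plaintext directly.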
Read at The Hacker News