WireTap Attack Breaks Intel SGX Security
Briefly

"A group of academic researchers from Georgia Tech and Purdue University has demonstrated that a passive DIMM interposer can be used to break Intel SGX's DCAP attestation mechanism. Called WireTap (PDF), the attack requires physical access to a server that uses SGX, and relies on an interposer that can be constructed using readily-available second-hand electronics for less than $1,000. Intel SGX (Software Guard Extensions) is built into some Intel CPUs"
"The compromised key, the academics explain, can then be used to break confidentiality guarantees of numerous deployments, such as the Phala and Secret privacy-preserving smart contract networks, and the Crust centralized blockchain storage system. In their attacks against Phala and Secret, the academics were able to extract keys for contract data encryption by forging quotes in a custom quoting enclave, which allowed them to decrypt the smart contract state across the network."
The WireTap attack uses a passive DIMM interposer to break Intel SGX's DCAP attestation. The interposer intercepts and slows DDR4 bus traffic, which enables cache-flush control and cryptographic targeting and allows the attestation key to be extracted within about 45 minutes. It can be assembled from second-hand components for under $1,000 and requires physical access to the target server. With the extracted attestation key, an attacker can forge SGX quotes and recover encrypted contract data on networks like Phala and Secret, and fake storage proofs on systems like Crust, undermining the confidentiality, integrity, and correctness of affected deployments.
Read at SecurityWeek