A $50 'Battering RAM' Can Bust Confidential Computing

Miravi

Aug 31, 2024
Security researchers have built a $50 device that can bypass the confidential computing defenses of both Intel and AMD processors used in hardware powering cloud environments, thus allowing attackers to break encryption designed to protect sensitive data.

An attack called "Battering RAM" can break through both Intel SGX and AMD SEV-SNP processor defenses "designed to protect sensitive workloads from compromised hosts, malicious cloud providers, or rogue employees," according to the researchers at KU Leuven and the University of Birmingham/Durham University who developed the attack.

"Modern computers use memory modules (DRAM) to store everything in use: from photos and passwords to credit card numbers," according to the research team's website. "Public cloud providers increasingly deploy hardware-level memory encryption to protect this sensitive data."

The researchers demonstrate how they can break this encryption by building a low-cost interposer that sits in the memory path of the processor-based memory encryption that cloud-based systems use to protect sensitive data. The interposer — which is invisible to the OS — can both bypass SGX-protected memory and break SEV's attestation feature on systems without other vulnerabilities present.

The researchers said that "with a flip of a switch, our interposer turns malicious and silently redirects protected addresses to attacker-controlled locations, allowing corruption or replay of encrypted memory."
Further reading: https://www.darkreading.com/cloud-security/50-battering-ram-bust-confidential-computing
 
Uh oh. Now all my Intel and AMD systems are... quite useless... because of this report.

I have to run out and buy all Apple and ARM replacement systems.

This IT and security hobby has become more expensive than (street) drugs.

Maybe, just maybe, it would be better if I just returned to pencil and paper.
 
