Security News > 2020 > November > Researchers break Intel SGX by creating $30 device to control CPU voltage
Researchers at the University of Birmingham have managed to break Intel SGX, a set of security functions used by Intel processors, by creating a $30 device to control CPU voltage.
Break Intel SGX. The work follows a 2019 project, in which an international team of researchers demonstrated how to break Intel's security guarantees using software undervolting.
A team in the University's School of Computer Science has created a $30 device, called VoltPillager, to control the CPU's voltage - thus side-stepping Intel's fix.
This research takes advantage of the fact that there is a separate voltage regulator chip to control the CPU voltage.
Zitai Chen, a PhD student in Computer Security at the University of Birmingham, says: "This weakness allows an attacker, if they have control of the hardware, to breach SGX security. Perhaps it might now be time to rethink the threat model of SGX. Can it really protect against malicious insiders or cloud providers?".
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/7tKWWGO3_Mo/