Security News > 2020 > November > VoltPillager: New Hardware-Based Voltage Manipulation Attack Against Intel SGX
A group of researchers from the University of Birmingham has devised a new attack that can break the confidentiality and integrity of Intel Software Guard Extensions enclaves through controlling the CPU core voltage.
The attack relies on VoltPillager, "a low-cost tool for injecting messages on the Serial Voltage Identification bus between the CPU and the voltage regulator on the motherboard," and can be used to fault security-critical operations.
The open-source hardware device can inject Serial Voltage Identification packets, thus allowing the researchers to fully control the CPU core voltage and perform fault-injection attacks.
The researchers, who present proof-of-concept key-recovery attacks targeting the cryptographic algorithms inside the SGX, note that VoltPillager could be abused by untrusted cloud providers that have physical access to hardware.
The findings were disclosed to Intel on March 13, 2020, but the company does not plan on addressing the concerns, noting that the SGX threat model does not include hardware compromise and that the patches released for Plundervolt were not meant to protect against hardware-based attacks.