Security News > 2021 > August > Re-volting: AMD Secure Encrypted Virtualization undone by electrical attack

AMD's Secure Encrypted Virtualization scheme is not as secure as its name suggests.

In a paper titled "One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization," Robert Buhren, Hans Niklas Jacob, Thilo Krachenfels, and Jean-Pierre Seifert from TU Berlin's Security in Telecommunications group, describe how they succeeded in mounting a voltage fault injection attack.

This shock to the system allowed them to recover secret encryption keys and execute arbitrary code on all AMD chips with Secure Processors.

The attack was inspired by a separate cunning plan, dubbed Voltpillager, used to defeat Intel's Software Guard Extensions, a similar secure enclave system for x86 microarchitecture.

As with SGX, the SEV attack relies on cheap, off-the-shelf components: a ~$30 Teensy µController and a $12 flash programmer.

SEV utilizes the Secure Processor, a microcontroller that provides the root of trust in AMD Naples, Rome, and Milan chips and manages the VM lifecycle.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/08/13/amd_secure_encrypted_virtualization/