Scientists pluck crypto keys from Intel’s SGX by tweaking CPU voltage

daneren2005

Ars Tribunus Militum
1,625
That isn't really all that surprising once I think about it. I remember from my college classes that having a dying battery that wasn't putting out enough voltage completely changed the output of programs I was running on an embedded processor. IIRC the program appeared to run correctly except the math was completely wrong. To me it seemed random the way the output was changed, but there had to be followable logic to the execution, so you could tweak that to trick the processor to do stuff you wanted it to do. Of course this was with a 2 cent processor hooked up to a cheap voltage regulator. Doing this on a high end Intel machine is much more impressive.
 
Upvote
95 (95 / 0)
Damnit, my gaming laptop is Skylake based and I need to undervolt it to keep the thermals from getting so bad that it goes into 800MHz limp mode during extended gaming sessions. I guess I'll have to take it apart now and properly fix the thermal compound, I hate taking laptops apart despite (or maybe because of) being certified by every major manufacturer like 25 years ago. This is why we can't have nice things =(

Sounds like you have a really bad thermal paste application or something if it's going into limp mode during extended gaming sessions...
 
Upvote
33 (35 / -2)

aexcorp

Ars Praefectus
3,317
Subscriptor
Impressive, even more so that it can be done without causing a crash, a reboot, etc.

"In response, Intel has released a microcode and BIOS updates that mitigate attacks by locking voltage to the default settings."

I assume this doesn't matter to those for whom SGX really matters, but does this mean that this microcode/BIOS update would prevent undervolting through means such as Intel's own UTX or ThrottleStop on mobile platforms as well?
 
Upvote
37 (38 / -1)

chewieg3

Seniorius Lurkius
8
Subscriptor++
Upvote
18 (18 / 0)

afidel

Ars Legatus Legionis
18,222
Subscriptor
Damnit, my gaming laptop is Skylake based and I need to undervolt it to keep the thermals from getting so bad that it goes into 800MHz limp mode during extended gaming sessions. I guess I'll have to take it apart now and properly fix the thermal compound, I hate taking laptops apart despite (or maybe because of) being certified by every major manufacturer like 25 years ago. This is why we can't have nice things =(

Sounds like you have a really bad thermal paste application or something if it's going into limp mode during extended gaming sessions...
Yeah, pretty common from reading I've done, the fixes are undervolt or reapply. That's what happens when you cram an i7 and a 1060 into a 6 pound laptop and build it for under $1k.
 
Upvote
35 (37 / -2)

aexcorp

Ars Praefectus
3,317
Subscriptor
Calling it now, some nation-state or crime syndicate is going to pair something from this class of vulnerabilities with a privilege escalation zero day and some diskless persistence to make the next EternalBlue. Or maybe they already have... /tinfoil hat

It's scary in abstract, but the fact that SGX is an opt-in via BIOS setting and is only a feature on certain recent CPUs means this would not be nearly as universal an attack as EternalBlue was.
 
Upvote
40 (40 / 0)

andrewb610

Ars Tribunus Angusticlavius
6,137
Calling it now, some nation-state or crime syndicate is going to pair something from this class of vulnerabilities with a privilege escalation zero day and some diskless persistence to make the next EternalBlue. Or maybe they already have... /tinfoil hat
Since the update mentioned here:
Readers using Intel Core processors from Skylake onward and some platforms based on Xeon E should install INTEL-SA-00289 once it becomes available from respective computer makers.
is already available thankfully; so at least it's no longer a zero day.

On a side note: is this now a 0+-day or a 1-day?
 
Upvote
1 (2 / -1)
That isn't really all that surprising once I think about it. I remember from my college classes that having a dying battery that wasn't putting out enough voltage completely changed the output of programs I was running on an embedded processor. IIRC the program appeared to run correctly except the math was completely wrong. To me it seemed random the way the output was changed, but there had to be followable logic to the execution, so you could tweak that to trick the processor to do stuff you wanted it to do. Of course this was with a 2 cent processor hooked up to a cheap voltage regulator. Doing this on a high end Intel machine is much more impressive.

Reminds me of a game we used to play on a solar powered scientific calculator when I was at school.. by computing 2^64 (I think - it was 25 years ago) then covering the solar cell for a short time you could corrupt the result. We had a scoring system depending upon the result we got with a *twinkly* - where random LCD segments would flash for a few seconds - being worth the most points.
 
Upvote
43 (43 / 0)
The funny thing about these Intel microprocessor exploits is not the sheer amount of them, it's that while researchers give time for Intel to develop mitigation solutions for these flaws, it also means that the scientists also have a chance to come up with sassy nicknames for these once their research papers are out.
 
Upvote
36 (36 / 0)

Jamjen831

Ars Scholae Palatinae
1,169
Subscriptor++
Damnit, my gaming laptop is Skylake based and I need to undervolt it to keep the thermals from getting so bad that it goes into 800MHz limp mode during extended gaming sessions. I guess I'll have to take it apart now and properly fix the thermal compound, I hate taking laptops apart despite (or maybe because of) being certified by every major manufacturer like 25 years ago. This is why we can't have nice things =(

Sounds like you have a really bad thermal paste application or something if it's going into limp mode during extended gaming sessions...
Yeah, pretty common from reading I've done, the fixes are undervolt or reapply. That's what happens when you cram an i7 and a 1060 into a 6 pound laptop and build it for under $1k.

I think the key here is, are you using SGX? Unless you explicitly enabled it in your BIOS, it's unlikely you need to apply this patch.
 
Upvote
10 (11 / -1)

GenericAnimeBoy

Ars Tribunus Militum
1,850
Subscriptor++
Damnit, my gaming laptop is Skylake based and I need to undervolt it to keep the thermals from getting so bad that it goes into 800MHz limp mode during extended gaming sessions. I guess I'll have to take it apart now and properly fix the thermal compound, I hate taking laptops apart despite (or maybe because of) being certified by every major manufacturer like 25 years ago. This is why we can't have nice things =(

This reminds me of the xkcd about how every change breaks *someone's* workflow...
 
Upvote
28 (29 / -1)

Legatum_of_Kain

Ars Praefectus
4,101
Subscriptor++
Calling it now, some nation-state or crime syndicate is going to pair something from this class of vulnerabilities with a privilege escalation zero day and some diskless persistence to make the next EternalBlue. Or maybe they already have... /tinfoil hat

It's scary in abstract, but the fact that SGX is an opt-in via BIOS setting and is only a feature on certain recent CPUs means this would not be nearly as universal an attack as EternalBlue was.


Not at all. You're thinking endpoint, breaking into your machine.

The highest impact of this is on servers if it gets to be implemented remotely. It will cause leaks from hypervisors which are the applications which use this technology, to run multiple VMs in one server of course. This means that if they break into one server and that has say, 10 different company VMs on it, they'll literally break into 10 different companies with one machine compromised.

This is of course worst case scenario, but at the minimum they could bring down 10 company servers and cause significant monetary or operational functionality.

https://www.intel.com/content/www/us/en ... ssors.html
 
Upvote
-2 (6 / -8)

Yaoshi

Ars Scholae Palatinae
793
This is one of the only times where I'm actually GLAD for a security vulnerability.

SGX is actually a nasty piece of tech, if you think about it: it allows software to essentially cloak itself from the rest of the system, including the OS and whatever the system's owner may want to do.
There is already proof of concept malware that uses it to become impossible to detect thanks to the hardware itself.

And if you need further confirmation the tech is used for no good, SGX is *required* by PC based UHD Blu-ray player software. So the Sony rootkit again, but this time made impossible to detect by your own CPU.

As an added kick in the teeth, it's not like everyone, including, again, the CPU owner, can use the thing: SGX usage requires signing your code with certificates provided by Intel, for a price.
 
Upvote
52 (61 / -9)

dramamoose

Ars Scholae Palatinae
725
For me, and I think most folks, the nuances and technical aspects (though fascinating) are basically moot when one considers the adage that if someone has that level of physical control over a device, the device will be compromised.

Maybe that'll change one day, but not today.

This doesn't require physical access though. You can undervolt via software, which was the predecessor attack to this one.

And privileged access, while obviously generally well-protected against, is hardly impossible to obtain.
 
Upvote
11 (12 / -1)

afidel

Ars Legatus Legionis
18,222
Subscriptor
Damnit, my gaming laptop is Skylake based and I need to undervolt it to keep the thermals from getting so bad that it goes into 800MHz limp mode during extended gaming sessions. I guess I'll have to take it apart now and properly fix the thermal compound, I hate taking laptops apart despite (or maybe because of) being certified by every major manufacturer like 25 years ago. This is why we can't have nice things =(

Sounds like you have a really bad thermal paste application or something if it's going into limp mode during extended gaming sessions...
Yeah, pretty common from reading I've done, the fixes are undervolt or reapply. That's what happens when you cram an i7 and a 1060 into a 6 pound laptop and build it for under $1k.

I think the key here is, are you using SGX? Unless you explicitly enabled it in your BIOS, it's unlikely you need to apply this patch.
MS will include the microcode fix sooner or later so I won't have a choice.
 
Upvote
0 (3 / -3)
Upvote
5 (5 / 0)

fowl

Wise, Aged Ars Veteran
147
Subscriptor++
Calling it now, some nation-state or crime syndicate is going to pair something from this class of vulnerabilities with a privilege escalation zero day and some diskless persistence to make the next EternalBlue. Or maybe they already have... /tinfoil hat

It's scary in abstract, but the fact that SGX is an opt-in via BIOS setting and is only a feature on certain recent CPUs means this would not be nearly as universal an attack as EternalBlue was.

Indeed, I'm not actually aware of any software that uses SGX, let alone in widespread use.

I mean who's going to write software that can only run on certain Intel chips? Some super special DRM for cinemas or something?

Intel was targeting SGX to 'cloud' - where you don't trust your vendor - but I don't see any cloud vendor tying themselves to Intel either.
 
Upvote
0 (4 / -4)

issor

Ars Praefectus
5,628
Subscriptor
That isn't really all that surprising once I think about it. I remember from my college classes that having a dying battery that wasn't putting out enough voltage completely changed the output of programs I was running on an embedded processor. IIRC the program appeared to run correctly except the math was completely wrong. To me it seemed random the way the output was changed, but there had to be followable logic to the execution, so you could tweak that to trick the processor to do stuff you wanted it to do. Of course this was with a 2 cent processor hooked up to a cheap voltage regulator. Doing this on a high end Intel machine is much more impressive.

Reminds me of the behavior one gets with uninitialized variables.
 
Upvote
4 (4 / 0)

Roonski

Ars Scholae Palatinae
800
Subscriptor
I’m a bit surprised. I would have thought if SGX is being presented as an independent Secure Enclave then it shouldn’t have anything to do with the main CPU, and power supplies is an obvious part of that. I guess you’re a bit limited being perhaps on the same die but still, avoiding any interaction with the CPU except through the defined interface was the main point wasn’t it?

So basically I would have expected the SGX part to have an independent non-configurable power supply
 
Upvote
4 (5 / -1)

fitten

Ars Legatus Legionis
55,123
Subscriptor++
That isn't really all that surprising once I think about it. I remember from my college classes that having a dying battery that wasn't putting out enough voltage completely changed the output of programs I was running on an embedded processor. IIRC the program appeared to run correctly except the math was completely wrong. To me it seemed random the way the output was changed, but there had to be followable logic to the execution, so you could tweak that to trick the processor to do stuff you wanted it to do. Of course this was with a 2 cent processor hooked up to a cheap voltage regulator. Doing this on a high end Intel machine is much more impressive.

Yeah, this is the same thing with overclocking. Overclocking shortens the time of the cycles which means that circuitry may not stabilize before being latched. These will not necessarily cause a system to crash if it's just data... the processor will just keep on keeping on... so you could end up with math producing incorrect results and you get no errors/warnings. At least if you overclock and you push the control logic too hard, you'll get erratic behavior and the machine will crash, letting you know something was wrong.
 
Upvote
6 (6 / 0)
Calling it now, some nation-state or crime syndicate is going to pair something from this class of vulnerabilities with a privilege escalation zero day and some diskless persistence to make the next EternalBlue. Or maybe they already have... /tinfoil hat

It's scary in abstract, but the fact that SGX is an opt-in via BIOS setting and is only a feature on certain recent CPUs means this would not be nearly as universal an attack as EternalBlue was.

Indeed, I'm not actually aware of any software that uses SGX, let alone in widespread use.

I mean who's going to write software that can only run on certain Intel chips? Some super special DRM for cinemas or something?

Intel was targeting SGX to 'cloud' - where you don't trust your vendor - but I don't see any cloud vendor tying themselves to Intel either.

It's not a terribly prominent or exciting application; but I know that some Synaptics fingerprint reader sensors show up slightly differently in Device Manager depending on whether SGX is available (either as "Synaptics WBDI (SGX Enabled)" or "Synaptics WBDI (SGX Disabled)").

I'm not sure if those parts are too cheap to do match-in-sensor and are using SGX, when available, as a substitute, or if there is some other aspect of the process that is seen as in need of enclaving.
 
Upvote
5 (5 / 0)