Security researchers from Technische Universität Berlin have devised an attack that proves AMD’s Secure Encrypted Virtualization (SEV) is not as safe as it seems. The attack defeats the very purpose the silicon safe-room technology was devised for: protecting the data in virtual machines from reprobate admins in cloud environments.
Robert Buhren, Hans Niklas Jacob, Thilo Krachenfels, and Jean-Pierre Seifert from TU Berlin’s Security in Telecommunications group detailed their findings in a paper titled ‘One Glitch to Rule Them All: Fault Injection Attacks Against AMD’s Secure Encrypted Virtualization’.
How they did it
By glitching the system’s power supply, the researchers were able to extract secret encryption keys and execute arbitrary code on every AMD chip that ships with a Secure Processor.
As the researchers explain in the paper, by manipulating the input voltage of AMD systems on a chip (SoCs), they were able to induce an error in the read-only memory (ROM) bootloader of the AMD Secure Processor (AMD-SP), giving them complete control over the root of trust.
The attack took inspiration from a similar fault-injection attack used to defeat Intel’s Software Guard Extensions (SGX), the secure-enclave technology for the x86 microarchitecture. As with the SGX attack, the AMD attack also relies on cheap components people can buy off the shelf.
The components
To execute the attack, you need a Teensy microcontroller (µController) and a flash programmer. Both items together cost less than $50.
However, even with the materials assembled, mounting an attack requires insider access at a cloud company using AMD chips, an opportunity to attach wires to the server motherboard without getting noticed, and technical knowledge of how the system works.
The Register asked AMD to comment on this. A spokesperson pointed to the second step of the attack to highlight that this is not an attack scenario one can execute remotely.