Forwarded from BlackBox (Security) Archiv
VoltPillager: Researchers Compromise Intel SGX With Hardware-Based Undervolting Attack
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their "VoltPillager" hardware device they assembled for about $30 USD.
Two years ago Plundervolt was widely publicized for compromising Intel's SGX security by manipulating the CPU frequency/voltage as able to through software interfaces. By carefully undervolting the Intel CPUs when executing enclave computations they were able to ultimately compromise the integrity of SGX.
The impact of Plundervolt was already limited as typically the software needs root/administrative rights to access the CPU voltage/frequency MSRs or other kernel interfaces for manipulating them. But in response to Plundervolt, motherboard vendors began offering options to allow disabling voltage/frequency interface controls on their systems. Following Plundervolt, security researchers at the University of Birmingham in the UK began exploring a hardware-based attack on SGX.
https://www.phoronix.com/scan.php?page=news_item&px=VoltPillager-HW-Undervolt
#research #VoltPillager #undervolting #attack #intel #sgx
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their "VoltPillager" hardware device they assembled for about $30 USD.
Two years ago Plundervolt was widely publicized for compromising Intel's SGX security by manipulating the CPU frequency/voltage as able to through software interfaces. By carefully undervolting the Intel CPUs when executing enclave computations they were able to ultimately compromise the integrity of SGX.
The impact of Plundervolt was already limited as typically the software needs root/administrative rights to access the CPU voltage/frequency MSRs or other kernel interfaces for manipulating them. But in response to Plundervolt, motherboard vendors began offering options to allow disabling voltage/frequency interface controls on their systems. Following Plundervolt, security researchers at the University of Birmingham in the UK began exploring a hardware-based attack on SGX.
https://www.phoronix.com/scan.php?page=news_item&px=VoltPillager-HW-Undervolt
#research #VoltPillager #undervolting #attack #intel #sgx
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Phoronix
VoltPillager: Researchers Compromise Intel SGX With Hardware-Based Undervolting Attack
Security researchers out of the University of Birmingham have crafted another attack against Intel Software Guard Extensions (SGX) when having physical motherboard access and using their 'VoltPillager' hardware device they assembled for about $30 USD.