
SGX, Intel’s supposedly impregnable data fortress, has been breached yet again

By Staff
August 17, 2022


Intel’s latest generation of CPUs contains a vulnerability that allows attackers to obtain encryption keys and other confidential information protected by the company’s Software Guard Extensions, the advanced feature that acts as a digital vault for users’ most sensitive secrets.

Abbreviated as SGX, the protection is designed to provide a fortress of sorts for the safekeeping of encryption keys and other sensitive data, even when the operating system or a virtual machine running on top is maliciously compromised. SGX works by creating trusted execution environments that protect sensitive code and the data it works with from monitoring or tampering by anything else on the system.

Cracks in Intel’s foundational security

SGX is a cornerstone of the security assurances many companies provide to users. Servers used to handle contact discovery for the Signal Messenger, for instance, rely on SGX to ensure the process is anonymous. Signal says running its advanced hashing scheme provides a “general recipe for doing private contact discovery in SGX without leaking any information to parties that have control over the machine, even if they were to attach physical hardware to the memory bus.”

The example is purely hypothetical. Signal spokesperson Jun Harada wrote in an email: “Intel alerted us to this paper… and we were able to verify that the CPUs that Signal uses are not impacted by the findings of this paper and therefore are not vulnerable to the stated attack.”

Key to the security and authenticity assurances of SGX is its creation of what are called “enclaves,” or blocks of secure memory. Enclave contents are encrypted before they leave the processor and are written to RAM. They are decrypted only after they return. The job of SGX is to safeguard the enclave memory and block access to its contents by anything other than the trusted part of the CPU.

Enter ÆPIC Leak

Since 2018, researchers have poked at least seven serious security holes in SGX, some of which completely undermined the assurances Intel makes about it. On Tuesday, a research paper publicly identified a new hole, which also completely breaks SGX guarantees in most 10th, 11th, and 12th generation Intel CPUs. The chipmaker said it released mitigations that prevent the researchers’ proof-of-concept exploit from working any longer. The researchers will present their findings on Wednesday at the Black Hat security conference in Las Vegas.

[Figure: A list showing which Intel CPUs are vulnerable. Credit: Borrello et al.]

The vulnerability resides in APIC, short for Advanced Programmable Interrupt Controller. APIC is a mechanism built into many modern CPUs that manages and routes interrupts, which are signals generated by hardware or software that cause the CPU to stop its current task so it can process a higher-priority event. The researchers who discovered the flaw have named the vulnerability and their proof-of-concept exploit ÆPIC Leak.

[Figure: An overview of ÆPIC Leak. Credit: Borrello et al.]

The bug that makes ÆPIC Leak possible is what’s known as an uninitialized memory read, which happens when memory space isn’t cleared after the CPU is done processing it, causing the leak of old data that is no longer needed. Unlike previous CPU flaws with names like Spectre, Meltdown, Foreshadow, and RIDL/Fallout/ZombieLoad—which were the result of transient execution creating side channels that revealed private data—ÆPIC Leak is an architectural flaw that resides in the CPU itself.
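
The bug class described above can be shown with a software analogy. The C program below is an example added here, not code from the researchers or from Intel, and it does not model APIC hardware: a hypothetical 16-byte staging slot is reused by two parties, and the second one reads back whatever the first left behind unless the slot is cleared once processing is done. All names and the sample secret are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOT_SIZE 16u

/* Constructed model: one staging slot reused by successive users. */
static uint8_t slot[SLOT_SIZE];

/* Constructed sample secret; only the first 16 bytes are staged. */
static const char SECRET[] = "KEY-constructed!";

/* First user stages sensitive data and finishes. clear_after selects
   whether the slot is wiped once processing is done. */
static void first_user(int clear_after) {
    memcpy(slot, SECRET, SLOT_SIZE);
    /* ... processing of the staged data would happen here ... */
    if (clear_after)
        memset(slot, 0, SLOT_SIZE);
}

/* Second user writes only 4 bytes of its own, then reads the whole
   slot, including the 12 bytes it never initialized. */
static void second_user(uint8_t out[SLOT_SIZE]) {
    static const uint8_t own[4] = {1, 2, 3, 4};
    memcpy(slot, own, sizeof own);
    memcpy(out, slot, SLOT_SIZE);
}

/* Returns how many bytes of the first user's secret the second user
   read back from the part of the slot it did not write. */
unsigned leaked_bytes(int clear_after) {
    uint8_t out[SLOT_SIZE];
    unsigned n = 0;
    memset(slot, 0, SLOT_SIZE);          /* start from a known state */
    first_user(clear_after);
    second_user(out);
    for (unsigned i = 4; i < SLOT_SIZE; i++)
        if (out[i] == (uint8_t)SECRET[i])
            n++;
    return n;
}

int main(void) {
    printf("not cleared: %u stale secret bytes\n", leaked_bytes(0));
    printf("cleared:     %u stale secret bytes\n", leaked_bytes(1));
    return 0;
}
```

No timing measurement or speculation is involved: the stale bytes come back from an ordinary read, which is what separates this class from the transient-execution flaws listed above.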
