Voltage manipulation can bypass hardware security on AMD's server CPUs

Molematt
Why it matters: Researchers from the Technische Universität Berlin have demonstrated that AMD's Secure Encrypted Virtualisation (SEV) technology can be defeated by manipulating the processor's input voltage, compromising it much as earlier voltage-fault attacks compromised its Intel counterpart, SGX.

SEV relies on the AMD Secure Processor (SP, also known as the Platform Security Processor), a humble Arm Cortex-A5 embedded in the SoC, to provide the root of trust in AMD EPYC CPUs (Naples, Rome and Milan -- Zen 1 through 3). The SP is the component that generates and holds the keys used to encrypt each guest's memory, so whoever controls it controls the guarantee SEV offers.

The research paper -- toting the amusing-yet-wordy title of "One Glitch to Rule Them All: Fault Injection Attacks Against AMD’s Secure Encrypted Virtualization" -- describes how an attacker could compromise the SP to retrieve encryption keys or execute arbitrary code.

"By manipulating the input voltage to AMD systems on a chip (SoCs), we induce an error in the read-only memory (ROM) bootloader of the AMD-SP, allowing us to gain full control over this root-of-trust."
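The quoted sentence is the whole attack in one line: a glitch makes a boot-time check in unpatchable ROM misbehave. To show why a single corrupted instruction is so dangerous, and what glitch-aware code looks like, here is an added simulation in C. It is not code from the paper, from AMD's firmware or from any real bootloader; the fault model (exactly one skipped decision point per boot) is an assumption that abstracts what a well-timed voltage glitch does to one conditional branch, and the hash bytes, the `OK_MAGIC` value and the function names are all made up for the illustration.

```c
/*
 * Single-fault simulation of a boot-time hash check (added illustration; not
 * the TU Berlin paper's attack, AMD firmware or any real ROM bootloader).
 * Fault model (assumption): at most one "decision point" per boot is skipped,
 * i.e. its branch is never taken, which is a common abstraction of a voltage
 * glitch corrupting one conditional instruction.  Only branches are modelled;
 * a glitch inside the comparison itself or on the load of the fused hash is out
 * of scope, so a real design needs more than what is shown here.
 */
#include <stdint.h>
#include <stdio.h>

#define HASH_LEN 32
#define OK_MAGIC 0x3CA5u  /* pass value a zeroed/garbled register cannot equal by accident */

/* Constructed sample data: "fused" reference hash and a candidate that differs
 * in its last byte (arbitrary bytes, not a real key hash). */
const uint8_t FUSED_HASH[HASH_LEN] = {
    0x9f,0x86,0xd0,0x81,0x88,0x4c,0x7d,0x65,0x9a,0x2f,0xea,0xa0,0xc5,0x5a,0xd0,0x15,
    0xa3,0xbf,0x4f,0x1b,0x2b,0x0b,0x82,0x2c,0xd1,0x5d,0x6c,0x15,0xb0,0xf0,0x0a,0x08 };
const uint8_t WRONG_HASH[HASH_LEN] = {
    0x9f,0x86,0xd0,0x81,0x88,0x4c,0x7d,0x65,0x9a,0x2f,0xea,0xa0,0xc5,0x5a,0xd0,0x15,
    0xa3,0xbf,0x4f,0x1b,0x2b,0x0b,0x82,0x2c,0xd1,0x5d,0x6c,0x15,0xb0,0xf0,0x0a,0x09 };

static int fault_at = -1;   /* index of the decision point to skip; -1 = no glitch */
static int step;            /* decision points executed so far in this boot */

/* A glitchable decision point: returns whether the reject branch is taken. */
static int check(int cond) {
    int skipped = (step == fault_at);
    step++;
    return skipped ? 0 : cond;
}

/* No-early-exit comparison: OK_MAGIC only when every byte matches. */
static unsigned compare_hash(const uint8_t *fused, const uint8_t *got) {
    uint8_t diff = 0;
    for (int i = 0; i < HASH_LEN; i++) diff |= fused[i] ^ got[i];
    return diff == 0 ? OK_MAGIC : 0u;
}

/* Naive bootloader: one compare, one branch. Returns 1 if it proceeds to boot. */
int boot_naive(const uint8_t *fused, const uint8_t *got) {
    step = 0;
    if (check(compare_hash(fused, got) != OK_MAGIC)) return 0;  /* reject */
    return 1;                                                    /* boot */
}

/* Hardened bootloader: recompute the comparison, duplicate the branch and
 * cross-check the two results, so no single skipped branch yields a boot. */
int boot_hardened(const uint8_t *fused, const uint8_t *got) {
    step = 0;
    unsigned s1 = compare_hash(fused, got);
    if (check(s1 != OK_MAGIC)) return 0;
    unsigned s2 = compare_hash(fused, got);   /* recomputed, not reused */
    if (check(s2 != OK_MAGIC)) return 0;
    if (check((s1 ^ s2) != 0)) return 0;      /* both runs must agree */
    return 1;
}

/* Sweep every single-fault position against a wrong hash; count boots that succeed. */
int count_successful_glitches(int (*boot)(const uint8_t *, const uint8_t *),
                              const uint8_t *fused, const uint8_t *got, int max_steps) {
    int hits = 0;
    for (int f = 0; f < max_steps; f++) {
        fault_at = f;
        hits += boot(fused, got);
    }
    fault_at = -1;
    return hits;
}

int main(void) {
    printf("naive:    %d of 3 single-fault positions boot a wrong hash\n",
           count_successful_glitches(boot_naive, FUSED_HASH, WRONG_HASH, 3));
    printf("hardened: %d of 3 single-fault positions boot a wrong hash\n",
           count_successful_glitches(boot_hardened, FUSED_HASH, WRONG_HASH, 3));
    return 0;
}
```

The sweep reports one winning fault position for the naive check and none for the hardened one. The point is the asymmetry: a check that stands or falls on a single branch gives the attacker a single target, and with the code burned into mask ROM the only remaining defences are the ones that were designed in before tape-out.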

Conventional wisdom holds that any system an attacker has physical access to should be considered already compromised. But SEV is supposed to shield virtual machines from the hypervisor itself (as well as from one another), so it is meant to hold up in precisely that situation -- for example, guarding tenants' VMs from a rogue administrator in a cloud data centre. An attack that extracts keys from the SP breaks exactly the promise the feature exists to make.

The position required to execute such an attack is rather exacting: a role at a cloud computing company that grants hands-on access to the servers, plus the skill to pull it off without arousing suspicion. The gear required is far less ambitious, however: a microcontroller and a flash programmer that together cost firmly under $50.

Intel's comparable Software Guard Extensions (SGX) technology has previously been shown to be vulnerable to voltage-fault attacks (among many others). Plundervolt used the CPU's built-in voltage-scaling interface, the same one undervolting tools rely on; once Intel locked that interface down, researchers found that manipulating the voltage externally, by injecting commands on the SVID bus between the CPU and its voltage regulator, achieved similar results. That method, dubbed VoltPillager, inspired the TU Berlin researchers to test AMD's SEV in the same way.

Intel decided not to try to mitigate VoltPillager, stating that hardware-level attacks were beyond the scope of the SGX threat model, which led the researchers to call into question the safety of entrusting sensitive computation to a third-party cloud.

Now that AMD's competing technology has been found similarly susceptible across all three EPYC generations -- albeit without a dramatic vulnerability codename as yet -- those questions are only more pointed. And because the glitch targets code in the SP's mask ROM rather than updatable firmware, it is not the kind of flaw a firmware update can simply patch away.


 
You literally have no way of knowing if your third-party cloud assets are compromised anywhere along the chain. The cloud provider might be able to detect certain MITM attacks but if the provider itself is the bad guy then you're pretty well screwed. I have yet to see a single use case where it makes sense to rent cloud power at the enterprise level as opposed to keeping it in-house. The one situation where it might, however, is for a company that had literally no hosting expertise and loathed the idea of supporting their own infrastructure.
 
The one situation where it might, however, is for a company that had literally no hosting expertise and loathed the idea of supporting their own infrastructure.

You've just described start ups and small businesses who wouldn't have an internal expert on computers.
 
Wouldn't encryption on the customer's side protect against this - but from all the articles over the years about storing passwords, salted hashes etc., you must assume all data not encrypted is compromised. I assume the admins on servers can access the data - to restore, compare etc. Lots of inside people have been corrupted before.
 
You've just described start ups and small businesses who wouldn't have an internal expert on computers.
Add in small businesses without a good enough internet connection at a price that can be afforded by said small business along with hardware to handle it. Exactly why I'm dealing with a VPS currently. I would love to self host though.
 
Add in small businesses without a good enough internet connection at a price that can be afforded by said small business along with hardware to handle it. Exactly why I'm dealing with a VPS currently. I would love to self host though.

OVH and Hetzner offer dedicated hardware at reasonable prices. Still a server in a data centre, but I doubt any business's server rack is run by the company's owner, so it would be no different from any other server rack.
 
You literally have no way of knowing if your third-party cloud assets are compromised anywhere along the chain. The cloud provider might be able to detect certain MITM attacks but if the provider itself is the bad guy then you're pretty well screwed. I have yet to see a single use case where it makes sense to rent cloud power at the enterprise level as opposed to keeping it in-house. The one situation where it might, however, is for a company that had literally no hosting expertise and loathed the idea of supporting their own infrastructure.
Why would you trust your own system admins over the ones at AWS and Azure? At least those sys admins have national security clearance.

Anyone that can hook wires up to a CPU while it is running to manipulate the hardware should be trusted or fired immediately. You have to establish a level of trust with someone if you want to do business.
 
Maybe as a business you have a choice: locally, cloud or both. But the nature of the modern world is that our health and banking details are all on servers.
So until we have a quantum system where we can see if data has been accessed, we just have to build protections from the inside. Normally, paying invoices over X in companies requires 2 people. Large currency settlements normally require 3 people inside, at least 1 at the bank, and dedicated phone lines on top; normally one of the computers inside should be isolated from the main network and dedicated to that sole purpose.
 
Technical people make this too complicated.

Just put the hapless secretary or CEO in an arm lock and twist until they give you the password. Then tell them to keep silent or they will suffer repercussions.

That's the way these things have always worked. Sheesh!
 
Technical people make this too complicated.

Just put the hapless secretary or CEO in an arm lock and twist until they give you the password. Then tell them to keep silent or they will suffer repercussions.

That's the way these things have always worked. Sheesh!
Neither the secretary nor a CEO would have systems level access. You would have to get a high level member of the systems team in an armlock and twist!
 
It's an interesting proof of concept. This continues to show how important physical security is and why I prefer a local desktop to a cloud vm any day of the week.
As I don't know you, I can't say for sure but I'm guessing your home security is far below what most cloud service providers have. Most cloud data centers I have been in severely restrict physical access. Even office buildings are less secure, unless maybe you're in a company doing classified work for the government.
 
You literally have no way of knowing if your third-party cloud assets are compromised anywhere along the chain. The cloud provider might be able to detect certain MITM attacks but if the provider itself is the bad guy then you're pretty well screwed. I have yet to see a single use case where it makes sense to rent cloud power at the enterprise level as opposed to keeping it in-house. The one situation where it might, however, is for a company that had literally no hosting expertise and loathed the idea of supporting their own infrastructure.

Nonsense. There is very little reason to have on-prem computing these days, unless you're engaged in some sort of high-trust or classified government business. I submit that the larger cloud providers such as Amazon, Microsoft, Google have far better security than most companies have on-premise. Stacking hardware on-prem is costly and many companies I have worked with are hugely over provisioned, wasting thousands if not millions of dollars every year maintaining and operating these machines and all the ancillary equipment needed in a datacenter.

While this is an interesting article, this is not how most companies get hacked. Most of the time it's either social engineering or some admin left the default password on the firewall.
 