Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AMD (SEV) & Intel (SGX) are NOT reliable #18

Open
CHEF-KOCH opened this issue Nov 22, 2019 · 0 comments
Open

AMD (SEV) & Intel (SGX) are NOT reliable #18

CHEF-KOCH opened this issue Nov 22, 2019 · 0 comments

Comments

@CHEF-KOCH
Copy link
Owner

@CHEF-KOCH CHEF-KOCH commented Nov 22, 2019

Intel (SGX) - software as well as hardware

Possible attacks on SGX -> Side-channel attacks: Spectre, L1TF and MDS/RIDL/Zombieload

v2 introduced Flexible Launch Control, which allows the system admin to take control over the signing process and not Intel.

A practical example to "inject" malware into SGX is shown over here.

Migration

New Intel processors using Total Memory Encryption (TME) and Multi-Key Total Memory Encryption (MKTME) instead. SGX is EOL.

AMD (SEV) (RAM encryption in e.g. AMD Epyc processors)

SEK-PEK-PDH-46372ce64b22e28b

Attacks on CEK via manipulated firmware. Migration is not possible, there is already a migrations attack there are other scenarios.

My advice

Intel

Disable SGX in bios, and if installed uninstall the application and the driver. Performance problems and SGX is "ineffective".

AMD

Update the firmware and wait until AMD patches it.

Both weaknesses are irrelevant for us, as I wrote in the guide you should disable it and ensure you update to the latest BIOS/Firmware. So this is a "wontfix", since migration is not entirely possible without altering our security "best practices" strategy.

@CHEF-KOCH CHEF-KOCH self-assigned this Nov 22, 2019
Repository owner deleted a comment from issue-label-bot bot Nov 22, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.