New attacks are diluting secure enclave defenses from Nvidia, AMD, and Intel
6 months ago
- #TEE
- #HardwareAttack
- #Cybersecurity
- Trusted Execution Environments (TEEs) are widely used in blockchain, cloud services, AI, finance, and defense industries.
- Major TEE offerings include Nvidia's Confidential Computing, AMD's SEV-SNP, and Intel's SGX and TDX; all three promise to keep data confidential even when the OS kernel is compromised.
- A new attack called TEE.fail bypasses the protections of all three chipmakers by inserting a piece of hardware between a memory chip and the motherboard, so it requires physical access to the machine in addition to a compromised OS kernel.
- TEE.fail works against DDR5 memory, whereas previous physical attacks were limited to DDR4, so it is effective against the latest TEE-capable hardware.
- Chipmakers exclude physical attacks from their threat models, focusing instead on protecting data from kernel-level compromises.
- Public claims by chipmakers and by TEE customers about what these protections cover can be misleading or incorrect, especially where servers are hosted at remote locations whose physical security cannot be verified.