Battering RAM: Low-Cost Interposer Attacks on Confidential Computing
16 hours ago
- #confidential-computing
- #memory-encryption
- #cybersecurity
- Modern computers use DRAM for storing sensitive data, with cloud providers implementing hardware-level memory encryption for protection.
- A malicious memory module called 'Bad RAM' can bypass these protections by supplying false metadata during processor boot.
- Battering RAM is a new attack that breaks Intel SGX and AMD SEV-SNP confidential computing technologies by bypassing memory encryption and boot-time defenses.
- A custom-built interposer for Battering RAM can be constructed for under $50, making the attack accessible to low-budget adversaries.
- The attack affects all systems using DDR4 memory, particularly confidential computing workloads in public cloud environments.
- Intel and AMD have acknowledged the findings, but defending against Battering RAM would require a fundamental redesign of memory encryption.
- The attack re-enables previously mitigated BadRAM attacks and can bypass firmware-level mitigations by enabling/disabling the interposer at runtime.
- DDR5 reorganizes the command/address bus, making simple switches ineffective, but the underlying memory encryption issues remain.
- Open-source schematics and firmware for the interposer are available, along with proof-of-concept code for the attacks.
- Confidential computing technologies have critical physical-layer limitations, and encrypted memory is not secure against physical tampering.