Photo Credit: AMD

In a significant discovery, computer scientists at ETH Zurich have identified critical vulnerabilities in the security mechanisms of chips produced by AMD and Intel. These vulnerabilities could potentially expose sensitive data processed in public cloud environments to unauthorized access. 

The research team, led by Professor Shweta Shinde, found that the confidential computing technologies employed by these chip manufacturers contain gaps that hackers could exploit. Confidential computing is a method that isolates sensitive data during processing, ensuring that it remains secure even when using shared cloud computing resources. 
 
The vulnerabilities were discovered in the trusted execution environments (TEEs) of the chips. TEEs are hardware-based components designed to isolate and protect applications during execution, preventing unauthorized access to sensitive data. However, the ETH Zurich team uncovered that certain attack scenarios could compromise these secure environments.
 
One such attack, named the Ahoi attack, involves coordinated interrupts sent to the TEE from an untrustworthy hypervisor. The attack tricks the system into allowing unauthorized access and is particularly effective against AMD's confidential computing technology. The WeSee attack, on the other hand, exploits special interrupts to access sensitive data and execute external programs within the secure environment.
 
Professor Shinde's Secure & Trustworthy Systems Group conducted extensive research to pinpoint these vulnerabilities, which could compromise the integrity of data stored and processed within secure execution environments. The team notes that confidential computing relies on TEEs embedded within hardware to isolate and protect applications during execution. This hardware-based isolation is designed to prevent unauthorized access to sensitive data, safeguarding it from potential breaches. 
 
The discovery illuminates gaps in the confidential computing technologies employed by leading chip manufacturers, raising concerns about the efficacy of current security measures. According to Shinde, in the vulnerabilities found in AMD and Intel chips, interrupts (the mechanisms that temporarily suspend regular processing so that other computing tasks can be handled) were identified as a significant area of weakness.
 
The implications of these vulnerabilities are significant for companies and governmental organizations that rely on public cloud services to process sensitive data. Unchecked interrupts and insecure communication channels between TEEs and hypervisors undermine the fundamental principles of confidential computing, compromising data privacy and security.
 
The findings of the ETH Zurich team will be presented at the 45th IEEE Symposium on Security and Privacy and at the 33rd USENIX Security Symposium. The papers detailing the vulnerabilities are also available on the arXiv preprint server. These revelations underscore the need for continuous vigilance and improvement in the security mechanisms of cloud server hardware.
 