from the slipping-in-through-the-side-door dept.
Plundering of crypto keys from ultrasecure SGX sends Intel scrambling again:
On Tuesday, two separate academic teams disclosed two new and distinctive exploits that pierce Intel's Software Guard eXtension, by far the most sensitive region of the company's processors.
Abbreviated as SGX, the protection is designed to provide a Fort Knox of sorts for the safekeeping of encryption keys and other sensitive data even when the operating system or a virtual machine running on top is badly and maliciously compromised. SGX works by creating trusted execution environments that protect sensitive code and the data it works with from monitoring or tampering by anything else on the system.
Key to the security and authenticity assurances of SGX is its creation of what are called enclaves, or blocks of secure memory. Enclave contents are encrypted before they leave the processor and are written in RAM. They are decrypted only after they return. The job of SGX is to safeguard the enclave memory and block access to its contents by anything other than the trusted part of the CPU.
[...] The [SGAxe] attack can just as easily steal cryptographic keys that SGX uses for "attestation," or the process of proving to a remote server that the hardware is a genuine Intel processor and not a malicious simulation of one. A remote server can require connecting devices to provide these attestation keys before it will carry out financial transactions, play protected videos, or perform other restricted functions. In a paper titled SGAxe: How SGX Fails in Practice, researchers from the University of Michigan and the University of Adelaide in Australia wrote:
With the machine's production attestation keys compromised, any secrets provided by [the] server are immediately readable by the client's untrusted host application while all outputs allegedly produced by enclaves running on the client cannot be trusted for correctness. This effectively renders SGX-based DRM applications useless, as any provisioned secret can be trivially recovered. Finally, our ability to fully pass remote attestation also precludes the ability to trust any SGX-based secure remote computation protocols.
[...] The second SGX attack is notable because it's based on a previously unknown side channel created by an undocumented buffer that all Intel CPU cores use. This "staging buffer," as researchers from Vrije University in Amsterdam and ETH Zurich call it, retains the results of previously executed offcore instructions across all CPU cores.
The discovery is highly significant for a couple of reasons. First, the staging buffer retains output from RDRAND and RDSEED, which are among the most sensitive instructions an Intel CPU can carry out because they provide the random numbers needed when generating crypto keys.
[...] Equally important, the side channel provided by this newly discovered staging buffer allowed the attackers to create the world's first-known speculative execution attack that works across CPU cores. All previous attacks have worked only when an attacker and a target used the same core. Many defenders took that to mean that allocating trusted and untrusted code to different cores provided meaningful protection against speculative execution attacks, which are also known as transient execution attacks. CrossTalk, as the new exploit has been named, will force researchers and engineers to revisit that assumption.
Related Stories
Bill Aimed at Ending 'Warrant-Proof' Encryption Introduced in House:
Referred to as the Lawful Access to Encrypted Data Act, the bill aims to put a stop to criminals using “warrant-proof encryption and other technological advances” to hide their activity from authorities, Congresswoman Ann Wagner (R-MO), who introduced the bill, said.
“It is time tech companies stand with criminal investigators and the public to make clear they are committed to rooting out perpetrators who use their services to commit horrific crimes. As the digital world advances, so must our legislative solutions to investigate crimes that hit hardest the most vulnerable in our society,” Rep. Wagner commented.
Law enforcement agencies have long argued that strong encryption hinders their ability to conduct successful investigations in certain cases, often asking for backdoors that would provide them fast access to data of interest, but tech companies have opposed these requests, arguing that backdoors would introduce serious security and privacy risks.
The legislation would require tech companies to provide authorities with access to encrypted user data, while also stating that the Attorney General would report on which companies can comply. Furthermore, the government would offer compensation to companies that comply with the legislation.
Previously:
(2020-07-07) US Senate Panel OK's EARN IT Act
(2020-06-27) Senators Introduce "Balanced" Bill That Aims to End Warrant-Proof Encryption
(2020-06-11) Plundering of Crypto Keys From Ultrasecure SGX Sends Intel Scrambling Again
(2020-06-06) Zoom Says Free Users Won't Get End-to-End Encryption so FBI and Police Can Access Calls
(2020-05-19) AG Barr Seeks 'Legislative Solution' to Make Companies Unlock Phones
(2020-05-19) FBI Successfully Broke Into a Gunman's iPhone, but Still Very Angry at Apple
(Score: 2) by takyon on Friday June 12 2020, @12:08PM (3 children)
New CrossTalk attack impacts Intel's mobile, desktop, and server CPUs [zdnet.com]
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by DannyB on Friday June 12 2020, @05:37PM
Simplification. Reduce the administrative impact to simpler vulnerability assessments.
Hardware: does it have Intel?
Software: does it have Microsoft? If Linux: does it have systemd?
The lower I set my standards the more accomplishments I have.
(Score: 1) by fustakrakich on Friday June 12 2020, @05:38PM (1 child)
Now is a good time to invest in paper and printing products, pen and pencil too.
La politica e i criminali sono la stessa cosa..
(Score: 2) by takyon on Friday June 12 2020, @05:53PM
Tin cans and string.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Friday June 12 2020, @07:22PM (2 children)
Ok, so Intel hardware is not trustworthy. News at 11.
When can we get back not "do not run untrusted code on your hardware"?
(Score: 0) by Anonymous Coward on Friday June 12 2020, @09:13PM (1 child)
Not feasible. These days you can't even open a simple web page without loading javascipt from twenty different sources.
(Score: 0) by Anonymous Coward on Saturday June 13 2020, @07:34AM
Sure you can.
Disable javascript, if can't, use a request firewall, if it don't work, use an SSL terminator and rewrite the data before encryption.
If NSA can do it, an 8 year old child can do it.
Oh, you meant in an unmodified browser, that running on a device Stallman wouldn't be caught dead with, autotrusting _any_ non-yours certificate authority?
Pfft, you should suffer.
(Score: 2) by The Vocal Minority on Saturday June 13 2020, @03:48AM
So sad
(Score: -1, Spam) by Anonymous Coward on Saturday June 13 2020, @09:56AM
This has been a public service announcement from GNAA (GAY NIGGER ASSOCIATION OF AMERICA).
And now we return to our usual broadcast...
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the first organization which gathers GAY NIGGERS from all over America and abroad for one common goal - being GAY NIGGERS.
Are you GAY [klerck.org]?
Are you a NIGGER [mugshots.org]?
Are you a GAY NIGGER [gay-sex-access.com]?
If you answered "Yes" to any of the above questions, then GNAA (GAY NIGGER ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
Join GNAA (GAY NIGGER ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time GNAA member.
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the fastest-growing GAY NIGGER community with THOUSANDS of members all over United States of America. You, too, can be a part of GNAA if you join today!
Why not? It's quick and easy - only 3 simple steps!
First, you have to obtain a copy of GAY NIGGERS FROM OUTER SPACE THE MOVIE [imdb.com] and watch it.
Second, you need to succeed in posting a GNAA "first post" on SoylentNews [soylentnews.org], a popular "news for trolls" website
Third, you need to join the official GNAA irc channel #GNAA on EFNet, and apply for membership.
Talk to one of the ops or any of the other members in the channel to sign up today!
If you are having trouble locating #GNAA, the official GAY NIGGER ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is EFNet, and you can connect to irc.prison.net or irc.colosolutions.net as one of the EFNet servers.
If you do not have an IRC client handy, you are free to use the GNAA Java IRC client by clicking here [nero-online.org].
If you have mod points and would like to support GNAA, please moderate this post up.
This post proudly brought to you by the GNAA president
________________________________________________
| ______________________________________._a,____ |
| _______a_._______a_______aj#0s_____aWY!400.___ |
| __ad#7!!*P____a.d#0a____#!-_#0i___.#!__W#0#___ |
| _j#'_.00#,___4#dP_"#,__j#,__0#Wi___*00P!_"#L,_ |
| _"#ga#9!01___"#01__40,_"4Lj#!_4#g_________"01_ |
| ________"#,___*@`__-N#____`___-!^_____________ |
| _________#1__________?________________________ |
| _________j1___________________________________ |
| ____a,___jk_GAY_NIGGER_ASSOCIATION_OF_AMERICA_ |
| ____!4yaa#l___________________________________ |
| ______-"!^____________________________________ |
` _______________________________________________'