Monday, May 28th 2018
AMD EPYC Secure Encrypted Virtualization Not So Secure: Researchers
Secure Encrypted Virtualization (SEV) was touted as one of the killer features of AMD EPYC and Ryzen Pro series processors. It encrypts the parts of the host machine's memory that house virtual machines (or guests), with the encryption keys stored on the processor, so the host has no way of infiltrating or reading the contents of the guest's memory. This was designed to build trust in the cloud-computing and shared-hosting industries, so web-present small businesses with sensitive data could have some peace of mind and wouldn't have to spend big on dedicated hosting. A Germany-based IT security research team from Fraunhofer AISEC thinks otherwise.
Using a technique called "SEVered," the researchers showed that a rogue host-level administrator, or malware within a hypervisor, can bypass SEV and copy decrypted information from the guest machine's memory. The exploit involves altering the guest machine's physical memory mappings using standard page tables, so SEV can't properly isolate and encrypt parts of the guest in physical memory. The exploit is so brazen that you could pull plaintext information out of compromised guests. The researchers published a paper on SEVered, along with technical details of the exploit.
Source:
The Register
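The weakness described above is memory encryption with no integrity protection for the host-controlled mapping from guest-physical addresses (GPA) to host-physical addresses (HPA). The small model below is an added example, not code from the paper or the article. The hash-based keystream is a toy stand-in for SEV's hardware cipher, the `enforce_ownership` check is a hypothetical mitigation, and all names, addresses and data are constructed.

```python
import hashlib

PAGE = 16                                # toy page size in bytes (constructed)
GPA_PUBLIC, GPA_SECRET = 0x1000, 0x2000  # constructed guest-physical addresses

def _keystream(key, hpa):
    # Toy stand-in for the memory controller's cipher: depends on guest key and HPA.
    return hashlib.sha256(key + hpa.to_bytes(8, "little")).digest()[:PAGE]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Machine:
    def __init__(self, guest_key, enforce_ownership=False):
        self._key = guest_key   # held by the processor model, never by the host
        self.dram = {}          # HPA -> ciphertext, readable by the host
        self.npt = {}           # GPA -> HPA second-level mapping, host-controlled
        self.owner = {}         # HPA -> GPA that first wrote it (hypothetical check)
        self.enforce = enforce_ownership

    def _translate(self, gpa):
        hpa = self.npt[gpa]
        if self.enforce and self.owner.get(hpa, gpa) != gpa:
            raise PermissionError(f"HPA {hpa:#x} is not owned by GPA {gpa:#x}")
        return hpa

    def guest_write(self, gpa, data):
        hpa = self._translate(gpa)
        self.owner.setdefault(hpa, gpa)
        self.dram[hpa] = _xor(data.ljust(PAGE, b"\0"), _keystream(self._key, hpa))

    def guest_read(self, gpa):
        hpa = self._translate(gpa)
        return _xor(self.dram[hpa], _keystream(self._key, hpa))

def run(enforce_ownership):
    m = Machine(b"constructed-guest-key", enforce_ownership)
    m.npt = {GPA_PUBLIC: 0xA000, GPA_SECRET: 0xB000}
    m.guest_write(GPA_PUBLIC, b"index.html")
    m.guest_write(GPA_SECRET, b"tls-private-key")
    host_view = m.dram[0xB000]              # direct host read: ciphertext only
    m.npt[GPA_PUBLIC] = m.npt[GPA_SECRET]   # host changes the mapping, as described above
    try:
        served = m.guest_read(GPA_PUBLIC).rstrip(b"\0")  # guest service's reply
    except PermissionError:
        served = None
    return host_view, served
```

`run(False)` returns the secret page's plaintext as the served reply even though the host's direct read of DRAM is still ciphertext; `run(True)` returns `None` as the reply because the ownership check rejects the remapped translation.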
31 Comments on AMD EPYC Secure Encrypted Virtualization Not So Secure: Researchers
Frankly, till now, no one really gave much concern, not even bad guys. But after Spectre and Meltdown, I bet a lot of them are now focused on poking CPUs. If one thing worked, chances are, something else will too. And here is the product of that.
It's like everything with a catchy name and lacking a CV requires root access... heck, they even had to make a custom version of KVM for this to even work.
Blaming the manufacturer because the product does not behave the same after the user flashes a new BIOS is unfathomable.
Even CTS Labs would not stoop so low as to report this as a vulnerability.
Quoting the paper,
"As malicious HV, we used Kernel-based Virtual Machine (KVM) and modified it to execute our attack. To realize our tracking mechanism, we extended the KVM infrastructure for guest write access tracking [7] to track all kinds of accesses. We furthermore extended KVM with functionality to alter memory mappings for the extraction phase. Both features can be controlled by the attacker in the host Linux running the target VM."
Someone explain to me, if one can do this, wouldn't they also be able to, idk, disable SEV altogether, and/or do something exponentially more evil and harmful?
Heck, an evil host can "claim" encryption and not have it, and plainly read/collect all data at the guest... am I wrong?
Their paper is pretty much a slightly modified copycat of this one, published by members of Tangram Technologies from Shanghai back in December.
arxiv.org/ftp/arxiv/papers/1712/1712.05090.pdf
Their team lead, ZhaoHui Du, is very notable for being an Intel researcher and software engineer for almost 18 years. It's not a red flag by any means, but considering that Tangram was founded in 2017, it raises some concerns and suspicions.
"We then simply created a hardware adaptor that we inserted between the AMD processors and the socket. Thanks to that simple to make adaptor (if you are a multi billion company with decades of expertise) we could easily have access to the information the processor was processing"
8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs
thehackernews.com/2018/05/intel-spectre-vulnerability.html
It's like discovering a bad batch of tomatoes and, instead of informing the seller, going to the press and saying stuff.
This doesn't make any sense.
AMD should take them to court because it is not right at all.
Makes me wonder if someone is a shill there.
Thankfully this didn't come with a ridiculous press deck, greenscreen videos, or blatant stock manipulation attempt like the CTS Labs "exploits". If anything this looks more like an attempt to damage AMD's reputation in the data center market, rather than a short play.
I don't know their protocol on how they inform these companies, though. Maybe some contact already took place and AMD just didn't bother to release it themselves. But I'm guessing a state funded research institute will probably have some protocol like that in place.
Another side channel attack that is legitimate and affects Intel, AMD and ARM
“Speculative Store Bypass”
www.theverge.com/2018/5/21/17377994/google-microsoft-cpu-vulnerability-speculative-store-bypass-variant-4
www.amd.com/en/corporate/security-updates
I will become concerned when some of their poking and prodding of Ryzen/Epyc results in a weakness that doesn't require the perpetrator to have total access to the system they are trying to attack.
Next funded Intel hit piece will suggest that server farms using Epyc are susceptible to power outages should someone with a ladder and dynamite gain access to the transformer leading to the data center. And, of course, a desire to blow up the transformer.
Of course, this Epyc vulnerability will also require an inside man that can disable the backup power source within the data center.