Explore a groundbreaking Black Hat conference talk that delves into the vulnerabilities of hardware-enforced security mechanisms. Learn how hypervisors can be exploited to bypass Intel's Trusted Execution Environment (TXT) DRTM and capture keys from Intel's AES-NI instructions. Discover the limitations of trusted computing technologies like TXT, ARM TrustZone, Microsoft Isolated User Mode, and Intel SGX in protecting user data from privileged processes. Examine the implementation flaws in Intel TXT and the open-source tBoot project, and understand how Type-1 hypervisors can be used to exploit these weaknesses. Gain insights into proper deployment strategies for hardware-enforced security systems, including sealed storage, remote attestation, and hardware hardening techniques to mitigate potential vulnerabilities.
Breaking Hardware-Enforced Security With Hypervisors
Overview
Syllabus
Breaking Hardware-Enforced Security With Hypervisors
Taught by
Black Hat
Related Courses
-
Trusted Execution Environments - A Technical Overview of Intel SGX, Arm TrustZone, and RISC-V PMP
-
Bypassing Hardware-Based Trusted Boot Through x86 Downgrade
-
Plundervolt - Software-Based Fault Injection Attacks against Intel SGX
-
Understanding the Prevailing Security Vulnerabilities in TrustZone-Assisted TEE Systems
-
PMFault - Voltage Fault Injection on Server Platforms Through the PMBus
-
Breaking Through Another Side - Bypassing Firmware Security Boundaries from Embedded Controller
