Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Plundervolt - Software-Based Fault Injection Attacks against Intel SGX

IEEE via YouTube

Overview

Explore the Plundervolt attack, a software-based fault injection technique targeting Intel SGX, in this IEEE conference talk. Delve into the exploitation of privileged interfaces for dynamic frequency and voltage scaling in modern processors, particularly Intel Core series. Understand how adversaries can manipulate voltage to compromise the integrity of Intel SGX enclave computations, bypassing memory encryption and authentication safeguards. Examine real-world attack scenarios, including key recovery from cryptographic algorithms and inducing memory safety vulnerabilities in secure enclave code. Learn about the challenges of mitigating Plundervolt and the potential need for microcode updates or hardware modifications to ensure trusted computing base recovery.

Syllabus

Intro
TEES Trusted Execution Environments
DVES Dynamic voltage and frequency scaling
Undervolting Intel CPUs
Investigating faults in SGX
Fault analysis
Detailed CPU testing
Faulting RSA
Faulting AES-NÍ
When a single random byte fault is induced at the input of the eighth round, the AES key can be deduced. The computation complexity to recover 128 bit key is: 232 +256 encryptions.
Memory corruption
To summarise

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of Plundervolt - Software-Based Fault Injection Attacks against Intel SGX

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.