Recent discoveries by computer scientists at ETH Zurich have raised concerns about the security of semiconductor technologies, particularly in relation to confidential computing, as reported in TechXplore.
What Is Confidential Computing?
Confidential computing is a method used by companies and governmental organizations to process sensitive data securely in shared cloud computing environments.
However, researchers have identified vulnerabilities in the latest chip technologies that could potentially compromise data security.
Two Attack Scenarios
The vulnerabilities were uncovered through two attack scenarios devised by the Secure & Trustworthy Systems Group at ETH Zurich.
These scenarios exploit the interrupt mechanism, which temporarily disrupts regular processing to prioritize other computing tasks. The research team, led by Professor Shweta Shinde, found that certain interrupts could be manipulated to gain unauthorized access to sensitive data stored in the server hardware of leading chip manufacturers such as AMD and Intel.
The vulnerabilities were discovered during an investigation into confidential computing technologies employed by AMD and Intel processors. The researchers sought to understand the functionality of these processors as part of their work on developing an eavesdrop-proof smartphone based on confidential computing principles.
At the heart of confidential computing is the trusted execution environment (TEE), a hardware-based component that isolates applications during runtime, according to the research team.
This isolation ensures that sensitive data is protected from unauthorized access while being processed. However, vulnerabilities in the interrupt handling mechanisms of these processors pose a significant risk to data security.
One vulnerability identified by the research team involves the interaction between hypervisors and TEEs in public cloud environments. Hypervisors, which manage virtualized resources in cloud environments, are essential for ensuring the flexibility, efficiency, and security of cloud services.
However, they also introduce potential security risks, as they can be exploited to access data stored in the memories of other cloud users or by cloud providers themselves.
Read Also: Texas Unveils New Innovation Group to Boost the State’s Chipmaking Hub
“Ahoi Attacks”
The researchers conducted what they termed “Ahoi attacks” to exploit the hypervisor-TEE interface and send coordinated interrupts to the secured system. These attacks demonstrated that certain interrupts could bypass the TEE’s security measures, allowing unauthorized access to sensitive data.
Another attack scenario, known as WeSee, exploits a mechanism introduced by AMD to facilitate communication between the TEE and hypervisor. This mechanism can be manipulated to extract sensitive data from the secured system or execute external programs.
The vulnerabilities identified by the research team highlight the challenges of ensuring data security in confidential computing environments. While chip manufacturers have taken steps to address these vulnerabilities, the risks associated with interrupt-based attacks remain a concern for companies and governmental organizations, according to the team.
For Professor Shinde and her research group, uncovering these vulnerabilities is part of a broader effort to ensure user control over data and applications in smartphones.
By developing a TEE that supports unmonitored operation of apps not managed by device manufacturers, they aim to enhance user privacy and security in mobile computing environments.
Related Article: Compact Accelerator Tech Achieves Significant Energy Milestone, Holds Promise for Semiconductor Industry
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
