Sascha Wessel – Firmware Security

AMD SEV is a hardware feature designed for the secure encryption of virtual machines. SEV aims to protect virtual machine memory not only from other malicious guests and physical attackers, but also from a possibly malicious hypervisor. This relieves cloud and virtual server customers from fully trusting their server providers and the hypervisors they are using. We present the design and implementation of SEVered, an attack from a malicious hypervisor capable of extracting the full contents of main memory in plaintext from SEV-encrypted virtual machines. SEVered neither requires physical access nor colluding virtual machines, but only relies on a remote communication service, such as a web server, running in the targeted virtual machine. We verify the effectiveness of SEVered on a recent AMD SEV-enabled server platform running different services, such as web or SSH servers, in encrypted virtual machines. With these examples, we demonstrate that SEVered reliably and efficiently extracts all memory contents even in scenarios where the targeted virtual machine is under high load.

This is a fascinating exploitation of AMD's Secure Encrypted Virtualization – the security mechanism that decrypts and encrypts virtual machines on the fly in RAM. It can be bypassed by an evil HV so that info can be exfiltrated via HTTP, we're told https://t.co/0b9chrqdXn pic.twitter.com/R7wiGwTZU4

— The Register (@TheRegister) May 25, 2018

Uses the same technique Shay Gueron and I presented years ago in our research about attacks to transparent memory encryption without authentication. https://t.co/b8e8aawl1L

— Rodrigo Branco (@bsdaemon) May 26, 2018

[PDF] "SEVered: Subverting AMD’s Virtual Machine Encryption"
How to extract the full contents of main memory in plaintext
from SEV-encrypted virtual machines.https://t.co/x5471adbNN

— Denis Laskov (@it4sec) May 25, 2018

The 2015 ARES Conference (the Int’l Conference on Availability, Reliability, and Security), is happening in France later this month. There’s a variety of interesting talks on the schedule: focusing on firmware security, a few jump out, and I’m sure I’ve missed a bunch:

Cold Boot Attacks on DDR2 and DDR3 SDRAM
Simon Lindenlauf, Hans Höfken, Marko Schuba

Hardware Security Evaluation Using Assurance Case Models
Henrique Kawakami, Roberto Gallo, Ricardo Dahab, Erick Nascimento

Virtual Machine Introspection_c_ Techniques and Applications
Yacine Hebbal, Sylvie Laniepce, Jean-Marc Menaud

A Lightweight Framework for Cold Boot Based Forensics on Mobile Devices
Benjamin Taubmann, Manuel Huber, Sascha Wessel, Lukas Heim, Hans Peter Reiser, Georg Sigl

Don’t brick your car: Firmware confidentiality and rollback for vehicles
Hafizah Mansor, Konstantinos Markantonakis, Raja Naeem Akram, Keith Mayes

Watch what you wear: preliminary forensic analysis of smart watches
Ibrahim Baggili, Kyle Anthony, Jeff Oduru, Frank Breitinger, Glenn McGee

Physically Secure Code and Data Storage in Autonomously Booting Systems
Johannes Götzfried, Johannes Hampel, Tilo Müller

Complexity Estimates of a SHA-1 Near-Collision Attack for GPU and FPGA
Stefan Gradinger, Bernhard Greslehner-Nimmervoll, Jürgen Fuß, Robert Kolmhofer

Tag: Sascha Wessel

SEVered: Subverting AMD’s Virtual Machine Encryption

ARES 2015