Public cloud services utilize advanced security technologies to safeguard data. However, ETH Zurich computer scientists have identified a vulnerability in the latest security mechanisms used by AMD and Intel chips, impacting major cloud providers.
In recent years, hardware manufacturers have developed technologies intended to enable secure processing of sensitive data on shared cloud resources. This approach, known as confidential computing, aims to protect data by isolating it in a secure environment, inaccessible to other users or the cloud provider. Yet, researchers from ETH Zurich have demonstrated that hackers can potentially breach these systems and access the data.
The researchers conducted two attack scenarios utilizing the interrupt mechanism, which temporarily halts regular processing to prioritize different tasks. With 256 different interrupts, each triggers a specific sequence of commands.
“Interrupts have been considered a minor issue, and it seems that ensuring their systematic protection has been overlooked,” notes Shweta Shinde, Professor of Computer Science at ETH Zurich. Her Secure & Trustworthy Systems Group discovered vulnerabilities in server hardware from AMD and Intel.
Their findings will be presented at the 45th IEEE Symposium on Security and Privacy (IEEE S&P) in May 2024 and the 33rd USENIX Security Symposium (USENIX Security) in August 2024. The research papers are also available on the arXiv preprint server.
The security gaps were uncovered while Shinde’s team was investigating AMD and Intel’s confidential computing technologies. They were seeking a deeper understanding of these processors as part of their work on an eavesdrop-proof smartphone based on confidential computing principles.
Confidential computing relies on the trusted execution environment (TEE), a hardware component that isolates applications during execution, allowing access only to authorized code. This ensures data is protected from unauthorized access while being stored unencrypted in memory during processing, unlike previous methods that required encryption of data at rest and in transit.
One major instability arises from hypervisors, which manage cloud resources and virtual servers. Although hypervisors are essential for flexibility, efficiency, and security in cloud services, they introduce vulnerabilities. They can potentially allow access to data from other users on the same hardware or enable cloud providers to view user data.
Completely isolating the hypervisor is challenging, as some communication between it and the TEE is necessary for administrative functions like resource allocation and managing virtual servers. The ETH team identified vulnerabilities in the management of interrupts, conducting “Ahoi attacks” to exploit the hypervisor’s ability to send coordinated interrupts to the secure system.
This vulnerability reveals a security gap: instead of blocking potentially malicious interrupts from the untrusted hypervisor, the TEE allows some through, enabling attackers to manipulate the system.
By using coordinated interrupt attacks, the ETH scientists managed to confuse a TEE-secured system, gaining root access and full control. AMD’s confidential computing was particularly susceptible, with multiple vulnerabilities, while Intel had only one exposed. The researchers found AMD’s previous defenses inadequate, though the company has since made improvements.
The second attack scenario, known as WeSee, affects only AMD hardware and exploits a mechanism introduced to ease communication between the TEE and hypervisor. A special interrupt can cause the secure system to reveal sensitive data or execute external programs.
Finding these security gaps is crucial, but for Shinde and her team, it’s part of a broader goal to ensure users of smartphones retain full control over their data and applications. Their work includes developing a TEE that not only protects data from eavesdropping by the operating system but also supports the secure operation of apps not managed by Apple or Google.
