UK-SPS Seminar -15th December Title: One Glitch to Rule them All

Title: One Glitch to Rule them All: Fault Injection Attacks against AMD’s Secure Encrypted Virtualization

Speaker: Robert Buhren (TU Berlin)

Hosts: Mark Ryan & David Oswald (Birmingham)

Abstract: In this talk, we present our voltage fault injection attack against the AMD Secure Processor (AMD-SP / PSP). The AMD-SP is an ARM core, embedded into modern AMD CPUs. It hosts the firmware implementing the SEV API and is a single point of failure for the SEV technology. Our attack allows us to deploy custom code on the AMD-SP on Zen 1, Zen 2 and Zen 3 CPUs. We present how our attack allows attackers to fully circumvent SEV’s protection guarantees. To the best of our knowledge, the presented attack cannot be mitigated and questions SEV’s security promises on all affected CPU generations.

Bio: Robert Buhren is a security researcher and firmware reverse engineer currently pursuing a PhD at the Technische Universität Berlin. In his research, Robert focuses on cloud security and security aspects of virtualization.

Please feel free to forward to others who might be interested. 

UK-SPS is an inter-university seminar series on cyber security and privacy. Seminar details are also advertised on our website, calendar and Twitter, and recordings will be available on our YouTube channel afterwards. 

Last modified: Mon, 20 Dec 2021 10:25:51 GMT