TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
Academic researchers have developed a side-channel attack called TEE.Fail that extracts secrets from a CPU's trusted execution environment (TEE), the isolated region meant to be the most secure part of a system, such as Intel's SGX and TDX and AMD's SEV-SNP.
The underlying weakness is a design trade-off: as TEEs moved from client CPUs to server-grade hardware with DDR5 memory, vendors adopted deterministic AES-XTS memory encryption and stripped away memory integrity and replay protections in favor of performance and scalability.
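To make that trade-off concrete, here is an added example (not code from the paper or from any vendor's memory controller) of why deterministic AES-XTS without integrity matters: the same value written twice to the same address yields the same ciphertext on the bus, the same value at another address does not, and an old ciphertext written back is accepted without complaint. Keys, addresses and the "secret" are constructed values, and this single-block version omits the multi-block cache line and hardware-derived key of a real memory controller.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// xtsBlock encrypts (dec=false) or decrypts one 16-byte block with AES-XTS
// (IEEE 1619): C = E_K1(P xor T) xor T, T = E_K2(addr). addr stands in for the
// physical address used as tweak. No tag exists, so decrypting anything "succeeds".
func xtsBlock(data, tw cipher.Block, addr uint64, in [16]byte, dec bool) [16]byte {
	var t, x [16]byte
	binary.LittleEndian.PutUint64(t[:8], addr)
	tw.Encrypt(t[:], t[:])
	for i := range x {
		x[i] = in[i] ^ t[i]
	}
	if dec {
		data.Decrypt(x[:], x[:])
	} else {
		data.Encrypt(x[:], x[:])
	}
	for i := range x {
		x[i] ^= t[i]
	}
	return x
}
// demo reports what a bus observer learns, or can do, when encryption is
// deterministic and carries no integrity or freshness: repeat (same value, same
// address, same ciphertext), addrHides (other address differs), replay (stale
// ciphertext written back decrypts cleanly to the old value).
func demo() (repeat, addrHides, replay bool) {
	// Constructed 128-bit keys, for illustration only.
	data, err1 := aes.NewCipher([]byte("data-key-0123456"))
	tw, err2 := aes.NewCipher([]byte("tweak-key-012345"))
	if err1 != nil || err2 != nil {
		panic("bad key length")
	}
	var secret [16]byte
	copy(secret[:], "private-key-word")
	c1 := xtsBlock(data, tw, 0x1000, secret, false)
	c2 := xtsBlock(data, tw, 0x1000, secret, false) // same value written again
	c3 := xtsBlock(data, tw, 0x2000, secret, false) // same value, other address
	back := xtsBlock(data, tw, 0x1000, c1, true)    // stale c1 written back later
	return c1 == c2, c1 != c3, back == secret
}
func main() {
	fmt.Println(demo()) // true true true
}
```

An authenticated or randomized memory-encryption mode would make the first and third results false, which is exactly the protection the DDR5 designs described here gave up.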
In the technical paper, the researchers explain that they could capture the DDR5 bus signal reliably by reducing the system's memory clock to 3200 MT/s (1.6 GHz); to do so, they attached an RDIMM riser and a custom probe-isolation network between a DDR5 DIMM and the motherboard.
The researchers showcased attacks that allowed them to:
- Forge TDX attestations on Ethereum BuilderNet to access confidential transaction data and keys, enabling undetectable frontrunning.
- Fake Intel and NVIDIA attestations to run workloads outside TEEs while appearing legitimate.
- Extract ECDH private keys directly from enclaves, recovering the network's master key and fully breaching confidentiality.
To read the complete article see: Bleeping Computer.