And, once again, "trusted computing" should not be trusted…
L. Wilke et al, "TDXdown: Single-Stepping and Instruction Counting Attacks against Intel TDX"¹
[…]
Intel recently launched Intel TDX, its second generation TEE, which protects whole virtual machines (VMs). To minimize the attack surface to side-channels, TDX comes with a dedicated single-stepping attack countermeasure.
In this paper, we systematically analyze the single-stepping countermeasure of Intel TDX and show, for the first time, that both the built-in detection heuristic and the prevention mechanism can be circumvented. We reliably single-step TDX-protected VMs by deluding the TDX security monitor about the elapsed processing time used as part of the detection heuristic. Moreover, our study reveals a design flaw in the single-stepping countermeasure that turns the prevention mechanism against itself: An inherent side-channel within the prevention mechanism leaks the number of instructions executed by the TDX-protected VM, enabling a novel attack we refer to as StumbleStepping. Both attacks, single-stepping and StumbleStepping, work on the most recent Intel TDX enabled Xeon Scalable CPUs.
Using StumbleStepping, we demonstrate a novel end-to-end attack against wolfSSL’s ECDSA implementation, exploiting a control flow side-channel in its truncation-based nonce generation algorithm. We provide a systematic study of nonce-truncation implementations, revealing similar leakages in OpenSSL, which we exploit with our single-stepping primitive. Finally, we propose design changes to TDX to mitigate our attacks.
[…]
#TDX #TrustedComputing #Intel
__
¹ https://uzl-its.github.io/tdxdown/
TDXdown presents two attacks on TDX’s single-stepping countermeasure and uses them to recover ECDSA keys via a new weakness in nonce generation of OpenSSL and wolfSSL.
#BSI WID-SEC-2024-3126: [NEW] [low] #Intel #TDX #Module #Firmware: Vulnerability allows disclosure of information
A local attacker can exploit a vulnerability in Intel TDX Module firmware to disclose information.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3126