Sophie SchmiegMar 5, 2025

This was a really fun vulnerability to have the pleasure to consult on:

https://bughunters.google.com/blog/5424842357473280/zen-and-the-art-of-microcode-hacking

It turns out AES-CMAC is not second preimage resistant if you know the key (double so if the key is in an RFC), and 2048 bit numbers are quite often very easy to factor.

Blog: Zen and the Art of Microcode Hacking

This blog post covers the full details of EntrySign, the AMD Zen microcode signature validation vulnerability recently discovered by the Google Security team.

Show threadSpaceLifeFormMar 5, 2025

@sophieschmieg

Is the problem really due to RSA?

#SiliconTurtles

Show threadSophie Schmieg
@SpaceLifeForm the problem is the combination of insecure hash function with RSA.
Mar 6, 2025 at 12:55amWeb