Intel’s SGX Falls for a “WireTap”: How to Hack a CPU with Spare Change and a Screwdriver
Researchers from Georgia Tech and Purdue University have discovered that a passive DIMM interposer can compromise Intel SGX’s DCAP attestation mechanism. Dubbed “WireTap,” this attack requires physical access to the server and less than $1,000 in second-hand electronics, proving once again that hacking is cheaper than a Starbucks addiction.
Hot Take:
Who knew that a group of academic researchers could turn a simple DIMM interposer into the ultimate tech magician, pulling secrets out of Intel SGX like a rabbit out of a hat? It seems that with just $1,000, some second-hand electronics, and a bit of elbow grease, they’ve managed to make Intel SGX’s security look like Swiss cheese at a dairy convention. Hats off to these cyber Houdinis!
Key Points:
– Researchers from Georgia Tech and Purdue University created the WireTap attack to exploit Intel SGX.
– The attack requires a DIMM interposer and physical access to a server to break SGX’s DCAP attestation.
– The attack can compromise sensitive deployments like Phala, Secret, and Crust by extracting attestation keys.
– Intel acknowledged the attack but noted it requires physical access, which falls outside their threat model.
– Mitigation strategies include avoiding deterministic memory encryption and improving encryption block entropy.