Friday, January 15, 22:33
Home security The SGAxe attack steals protected data from Intel SGX pockets

The SGAxe attack steals protected data from Intel SGX pockets

The processors Intel are vulnerable to a new attack known as SGAxe that violates the security guarantees of Intel Software Guard eXtensions (SGX) pockets. This attack specifically targets and steals - leaks data from Intel processors. The SGAxe attack is an evolution of the CacheOut attack, also known as the L1D Eviction Sampling, and was discovered in January 2020 by researchers at the University of Michigan, the University of Adelaide and Data61. The CacheOut attack is identified as CVE-2020-0549 and may allow authorized persons invaders that have local access to targeted machinery to disclose information due to clearing errors in the temporary data memory of some Intel processors. Intel Software Guard eXtensions (SGX) is a modern feature feature security of Intel processors that allows applications to run in pockets (isolated memory areas built into the CPU), providing encryption memory based on material that isolates it code and application data in μνήμη.

The SGAxe attack allows SGX authentication keys to be extracted from an Intel pocket, allowing network intruders to "cryptographically forge" legitimate Intel SGX machines. The researchers used attacks SGAxe and CacheOut to steal private keys from the up-to-date and reliable SGX machines, explaining that they can arbitrarily compile SGX receipts that are then legally considered by Intel's certification service.

CacheOut and SGAxe mitigation
Intel will mitigate CacheOut and SGAxe attacks by providing microcode updates CPU to suppliers OEM to correct the "root" of the problem. These updates will then be delivered to end users as BIOS updates, with Intel also performing a Trusted Compute Base (TCB) recovery to override all previous signature and certificate collection keys. This process ensures that a system is secure and can therefore re-use remote authentication. However, since these are errors in the processor silicon, the software may mitigate these issues in the cost of performance and / or performance.

Intel will have to release repairs to address these issues to newer generations of processors, so that these attacks are not as successful as software mitigation.

Most Intel processors are vulnerable to attack. The SGAxe attack can be used on machines that use 9th generation Intel Coffee Lake Refresh processors, which are fully updated with all the SGX countermeasures that Intel has published so far. SGAxe only affects Intel processors, as its platform is the only one that offers Intel SGX capability. The SGAxe attack will be mitigated in the same microcode update designed to mitigate the CacheOut speculative attack. The full list of processors that may be affected by SGAxe was published by PSIRT.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...

What are the best and most affordable 5G phones for 2021

The market will soon be flooded with mid-range 5G devices. Everything that happens will be really exciting: you will be able to ...

Verified Twitter accounts in a cryptocurrency scam with the name of Elon Musk violated!

Lately, hackers have been violating verified Twitter accounts in a cryptocurrency giveaway scam, in which the name of the CEO is used ...

Classiscam: Fraudsters "fake" brands and deceive users of European markets!

Dozens of criminal gangs publish fake ads in popular online markets, to attract unsuspecting users to "fraudulent" commercial sites or phishing ...

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...