AMD SEV is a hardware feature designed for the secure encryption of virtual machines. SEV aims to protect virtual machine memory not only from other malicious guests and physical attackers, but also from a possibly malicious hypervisor. This relieves cloud and virtual server customers from fully trusting their server providers and the hypervisors they are using. We present the design and implementation of SEVered, an attack from a malicious hypervisor capable of extracting the full contents of main memory in plaintext from SEV-encrypted virtual machines. SEVered neither requires physical access nor colluding virtual machines, but only relies on a remote communication service, such as a web server, running in the targeted virtual machine. We verify the effectiveness of SEVered on a recent AMD SEV-enabled server platform running different services, such as web or SSH servers, in encrypted virtual machines.With these examples, we demonstrate that SEVered reliably and efficiently extracts all memory contents even in scenarios where the targeted virtual machine is under high load.
CCS CONCEPTS• Security and privacy → Virtualization and security; KEYWORDS AMD SEV, virtual machine encryption, page fault side channel, data extraction ACM Reference Format:
Today's computing devices keep considerable amounts of sensitive data unencrypted in RAM. When stolen, lost or simply unattended, attackers are capable of accessing the data in RAM with ease. Valuable and possibly classified data falling into the wrongs hands can lead to severe consequences, for instance when disclosed or reused to log in to accounts or to make transactions. We present a lightweight and hardware-independent mechanism to protect confidential data on suspended Linux devices against physical attackers. Our mechanism rapidly encrypts the contents of RAM during suspension and thereby prevents attackers from retrieving confidential data from the device. Existing systems can easily be extended with our mechanism while fully preserving the usability for end users.
In this paper, we propose a lightweight mechanism to isolate one or more Android userland instances from a trustworthy and secure entity. This entity controls and manages the Android instances and provides an interface for remote administration and management of the device and its software. We provide an administrative solution for dynamically modifying, removing or adding multiple Android instances remotely and locally. Furthermore, we present a secure device provisioning and enrollment solution for our system. Our approach includes several security extensions for secure network access, integrity protection of data on storage devices, and secure access to the touchscreen of mobile devices. Our implementation requires only minimal modification to the software stack of a typical Android-based smartphone, which allows easy porting to other devices when compared to other virtualization techniques. Practical tests show the feasibility of our approach regarding runtime overhead and battery lifetime impact
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.