A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP

Li, Mengyuan; Wilke, Luca; Wichelmann, Jan; Eisenbarth, Thomas; Teodorescu, Radu; Zhang, Yinqian

doi:10.1109/sp46214.2022.9833768

Cited by 14 publications

(3 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this work we chose to only compare virtualization-based TEE implementations. Our work complements earlier security analysis of individual technologies [44], [28].…”

Section: B Earlier Evaluationsmentioning

confidence: 52%

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

Guanciale

Paladi

Vahidi

2022

2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED)

View full text Add to dashboard Cite

Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adoption of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualizationbased confidential computing on several server platforms. Due to variations in the technology stack, threat model, implementation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualizationbased confidential computing technologies for enterprise server platforms -AMD SEV, ARM CCA, IBM PEF and Intel TDX.

show abstract

“…In this work we chose to only compare virtualization-based TEE implementations. Our work complements earlier security analysis of individual technologies [44], [28].…”

Section: B Earlier Evaluationsmentioning

confidence: 52%

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

Guanciale

Paladi

Vahidi

2022

2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED)

View full text Add to dashboard Cite

show abstract

“…Besides, BBHs may conceal bugs or even submit fake ones, which is also ruled out by our protocol (see §VI). Although we consider denial of service (DoS), AGORA does not cover side-channel attacks such as those in [76]- [78].…”

Section: Threat Modelmentioning

confidence: 99%

Altered global signal topography in Alzheimer's disease

Chen¹,

Zhao²,

Zhang³

et al. 2023

eBioMedicine

View full text Add to dashboard Cite

“…The SE encryption scheme salts each ciphertext value with fresh randomness through the True Random Number Generator (TRNG) to ensure that ciphertexts are diversified to thwart cryptanalysis attacks and some side-channel attacks, i.e., CIPHERLEAKS [52]. This requirement is specified in the ISA and can be ensured by a structural RTL check.…”

Section: Se Enclave Implementationmentioning

confidence: 99%

Security Verification of Low-Trust Architectures

Tan,

Fisseha,

Chen

et al. 2023

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Low-trust architectures work on, from the viewpoint of software, always-encrypted data, and significantly reduce the amount of hardware trust to a small software-free enclave component. In this paper, we perform a complete formal verification of a specific low-trust architecture, the Sequestered Encryption (SE) architecture, to show that the design is secure against direct data disclosures and digital side channels for all possible programs. We first define the security requirements of the ISA of SE low-trust architecture. Looking upwards, this ISA serves as an abstraction of the hardware for the software, and is used to show how any program comprising these instructions cannot leak information, including through digital side channels. Looking downwards this ISA is a specification for the hardware, and is used to define the proof obligations for any RTL implementation arising from the ISA-level security requirements. These cover both functional and digital side-channel leakage. Next, we show how these proof obligations can be successfully discharged using commercial formal verification tools. We demonstrate the efficacy of our RTL security verification technique for seven different correct and buggy implementations of the SE architecture. CCS CONCEPTS• Security and privacy → Formal methods and theory of security; Information flow control; Security requirements; Side-channel analysis and countermeasures.

show abstract

A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP

Cited by 14 publications

References 17 publications

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

Altered global signal topography in Alzheimer's disease

Security Verification of Low-Trust Architectures

Contact Info

Product

Resources

About