This site uses cookies. Browsing the site, you agree to the use of cookies. If you need more information, please visit the Cookies Policy page
Прямой эфир
Cryptocurrencies: 3568 / Markets: 20901
Market Cap: $ 175 462 541 340 / 24h Vol: $ 116 007 747 108 / BTC Dominance: 65.3072%

Н News

Intel SGX Vulnerability Discovered, Cryptocurrency Keys Threatened


Researchers have published a paper identifying a “Load Value Injection” proof-of-concept attack that targets Intel SGX processors.

A vulnerability has reportedly been discovered in Intel’s Software Guard eXtensions (SGX) allowing passwords, encrypted keys, and other sensitive data to be siphoned from a computer’s memory.

On March 10, computer researcher Daniel Gruss uploaded a video to YouTube describing how the proof-of-concept attack, dubbed a “Load Value Injection [LVI],” can be used to steal sensitive data from Intel SGXs — including encrypted keys for cryptocurrency exchanges and wallets. 

The attack is significant as SGX processors are designed to provide secure storage sensitive stored within a computer's memory, even when in the presence of a malicious operating system.

LVI discloses cryptocurrency keys from Intel SGX

The LVI works by getting a vulnerable system to run a script that could be hosted on a malicious website or application to launch a side-channel attack targeting the SGX. Once compromised, the attacker can access encrypted keys stored within the SGX. Gruss states:

“In a meltdown-type attack, the attacker deliberately tries to load secret data — causing the processor to cancel and reissue the load. The canceled load keeps on running for a short time — long enough for an attacker to perform operations on the secret data.” 

LVI attacks were first discovered by Jo Van Bulk during April 2019. He published an academic paper detailing the attack on March 10, which included contributions from Daniel Gruss and eight other researchers.

Attacks are not expected to target consumer computers

The paper describes LVI attacks as a reverse Meltdown attack, with the researchers noting that while LVI primarily targets Intel CPUs, other chips that are vulnerable to Meltdown are also susceptible to it.

However, the researchers conclude that it is unlikely that LVI attacks will be used to exploit consumer machines, citing the extreme difficulty of carrying out LVI, and the prevalence of easier means with which to compromise consumer-grade computer systems. 

The attack must also be carried out at the time that the malicious code is executed, further reducing the likelihood that the LVI exploit will be used to target consumer machines.

Intel publishes list of vulnerable processors

In response to the paper, Intel has published a list compiling all of its processors that are vulnerable to LVI, noting that all Intel chips with hardware fixed for Meltdown are not at risk. Intel stated:

“Researchers have identified a new mechanism referred to as Load Value Injection (LVI). Due to the numerous complex requirements that must be satisfied to successfully carry out, Intel does not believe LVI is a practical method in real-world environments where the OS and VMM are trusted.”


comments powered by Disqus