Intel’s SGX coughs up crypto keys when scientists tweak CPU voltage
To counter the growing sophistication of computer attacks, Intel and other chip makers have built digital vaults into CPUs to segregate sensitive computations and secrets from the rest of the machine. Now, scientists have devised an attack that causes the Software Guard Extensions, Intel's implementation of this secure CPU environment, to divulge cryptographic keys and induce potentially dangerous memory errors.
Plundervolt, as the attack has been dubbed, starts with the assumption that an attacker is able to run privileged software on a targeted computer. While that's a lofty prerequisite, it's precisely the scenario Intel's SGX feature is designed to protect against. The chipmaker bills SGX as a private region that uses hardware-based memory encryption to isolate sensitive computations and data from malicious processes that run with high privilege levels. Intel goes so far as to say that "Only Intel SGX offers such a granular level of control and protection."
But it turns out that subtle fluctuations in the voltage powering the main CPU can corrupt the normal functioning inside SGX. By slightly raising or lowering the voltage supplied to a CPU—operations known as "overvolting" and "undervolting"—a team of scientists has figured out how to induce SGX faults that leak cryptographic keys, break integrity assurances, and potentially induce memory errors that could be used in other types of attacks.
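The passage above describes the effect at a high level: a transient fault in a single arithmetic step produces a wrong result, and a wrong result from a signing operation can betray the key. The following Python is an added illustration, not code from the article or from the Plundervolt researchers. It models a textbook RSA signature computed with the common CRT optimisation, simulates a fault purely in software by flipping one bit of an intermediate value (no voltage is manipulated), and shows the defensive pattern enclave code should apply: verify the signature against the public key before releasing it, so that a faulted value never leaves the trusted boundary. All key parameters are small constructed toy values.

```python
# Added example: detecting a faulted RSA-CRT signature before it is released.
# Toy parameters (constructed for illustration; far too small for real use).
P, Q = 61, 53
N = P * Q                  # 3233
E = 17                     # public exponent
PHI = (P - 1) * (Q - 1)    # 3120
D = pow(E, -1, PHI)        # private exponent, 2753


def sign_crt(m, fault_bit=None):
    """Return m^D mod N computed with the CRT optimisation.

    If fault_bit is given, one bit of the intermediate result modulo Q is
    flipped.  This is a software stand-in for the kind of single-step
    corruption the article attributes to voltage faults; it does nothing
    to the hardware.
    """
    dp = D % (P - 1)
    dq = D % (Q - 1)
    sp = pow(m, dp, P)     # half of the computation, modulo P
    sq = pow(m, dq, Q)     # other half, modulo Q

    if fault_bit is not None:
        sq ^= 1 << fault_bit   # simulated fault in the mod-Q half only

    # Garner recombination: find s with s = sp (mod P) and s = sq (mod Q).
    q_inv = pow(Q, -1, P)
    h = (q_inv * (sp - sq)) % P
    return (sq + h * Q) % N


def verify(m, s):
    """Public-key check that s really is a signature on m."""
    return pow(s, E, N) == m


def sign_checked(m, fault_bit=None):
    """Sign, then verify before release.

    Returns the signature when it checks out and None when the internal
    computation was corrupted.  Withholding a faulted CRT signature matters:
    such a value is only correct modulo one prime, which is exactly the kind
    of partial result that can be turned against the private key.
    """
    s = sign_crt(m, fault_bit)
    return s if verify(m, s) else None


if __name__ == "__main__":
    msg = 1234
    print("clean signature:", sign_checked(msg))
    print("faulted signature released?", sign_checked(msg, fault_bit=3))
```

The fault is guaranteed to be caught here: the recombined value still matches modulo P but not modulo Q, so raising it to the public exponent cannot reproduce the message. The cost of the check is one public-exponent exponentiation per signature, which is cheap relative to the private operation it protects.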