One Glitch to Rule them All: Fault Injection Attacks against AMD's Secure Encrypted Virtualization

15 December 2021
Presented by Robert Buhren (Technische Universität Berlin)


Abstract

In this talk, we present our voltage fault injection attack against the AMD Secure Processor (AMD-SP / PSP). The AMD-SP is an ARM core embedded into modern AMD CPUs. It hosts the firmware implementing the SEV API and is a single point of failure for the SEV technology. Our attack allows us to deploy custom code on the AMD-SP on Zen 1, Zen 2 and Zen 3 CPUs. We show how our attack allows attackers to fully circumvent SEV’s protection guarantees. To the best of our knowledge, the presented attack cannot be mitigated and calls into question SEV’s security promises on all affected CPU generations.

