One Glitch to Rule them All: Fault Injection Attacks against AMD's Secure Encrypted Virtualization
15 December 2021
Presented by
Robert Buhren
(Technische Universität Berlin)
Abstract
In this talk, we present our voltage fault injection attack against the AMD Secure Processor (AMD-SP / PSP). The AMD-SP is an ARM core, embedded into modern AMD CPUs. It hosts the firmware implementing the SEV API and is a single point of failure for the SEV technology. Our attack allows us to deploy custom code on the AMD-SP on Zen 1, Zen 2 and Zen 3 CPUs. We present how our attack allows attackers to fully circumvent SEV’s protection guarantees. To the best of our knowledge, the presented attack cannot be mitigated and questions SEV’s security promises on all affected CPU generations.
See video on YouTube