Sunday May 27, 2018

Epyc Fail? Researchers Say They Can Defeat AMD’s Virtual Machine Encryption

AMD's Epyc server chips use Secure Encrypted Virtualization (SEV) to automatically encrypt virtual machines on the fly while they are held in memory, but researchers say they can get around it with a technique dubbed SEVered: "miscreants at the host level can alter a guest's physical memory mappings, using standard page tables, so that the SEV mechanism fails to properly isolate and scramble parts of the VM in RAM."


This is not the first time eggheads have uncovered shortcomings in SEV's ability to lock down VMs: previous studies have examined how the memory management system can be exploited by hackers to poke inside encrypted guests. Fraunhofer AISEC's study, emitted on Thursday this week, takes this a step further, demonstrating that, indeed, the entire memory contents of a virtual machine could be pulled by a hypervisor even when SEV is active.
