Research Exposes Vulnerabilities in Memory Encryption for Confidential Computing
The video presents research by Jo Van Bulck (KU Leuven) and Jesse De Meulemeester on vulnerabilities in the memory encryption technologies used in confidential computing, a security paradigm adopted by major cloud providers and by processor vendors such as Intel, AMD, IBM, and ARM. The study highlights that while confidential computing relies on processor-level isolation and memory encryption to protect data, industry implementations often sacrifice integrity and freshness protections for scalability, leaving systems vulnerable to physical attacks. The researchers demonstrated two attack methods: 'BadRAM,' which exploits writable Serial Presence Detect (SPD) chips on memory modules to create physical memory aliases, and 'Battering RAM,' a $50 interposer-based attack that flips address bits at runtime to bypass boot-time mitigations. These attacks enabled arbitrary read/write access to protected memory regions, including the extraction of Intel's hardware provisioning keys from SGX enclaves, compromising the entire scalable SGX ecosystem. The findings were responsibly disclosed to AMD and Intel, though both vendors dismissed physical attacks as out of scope, aligning with a French cybersecurity agency's assessment that users must implicitly trust cloud providers and their supply chains. The research underscores that hardware-based attacks on confidential computing are now feasible with minimal resources, challenging the security guarantees of widely deployed technologies.
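The security-relevant point in the summary is the trade-off between confidentiality on one hand and integrity plus freshness on the other: once a physical attacker can reach the ciphertext through a memory alias, encryption alone does not stop a stale block from being written back and accepted. The toy model below is an added illustration, not the researchers' code or any vendor's memory controller. It constructs an untrusted DRAM with one alias address, compares an encrypt-only controller against one that binds an on-chip per-block version counter into a MAC, and includes the kind of boot-time alias scan that a static alias would trip. Every address, key and controller design in it is an assumption made for the example.

```python
"""Toy model of memory encryption with and without integrity/freshness,
facing an attacker who can reach ciphertext through an address alias.
Constructed illustration only; not the talk's code or a real controller."""
import hashlib
import hmac
import os

BLOCK = 16  # bytes per memory block in this model


class Dram:
    """Untrusted DRAM. `alias_of` maps an alias address onto the cell it
    really backs, modelling the aliasing described in the talk."""

    def __init__(self, alias_of=None):
        self.cells = {}
        self.alias_of = dict(alias_of or {})

    def _cell(self, addr):
        return self.alias_of.get(addr, addr)

    def read(self, addr):
        return self.cells.get(self._cell(addr), bytes(BLOCK))

    def write(self, addr, data):
        self.cells[self._cell(addr)] = data


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _keystream(key, addr, counter):
    # Address-tweaked keystream standing in for a real block-cipher mode.
    msg = b"enc" + addr.to_bytes(8, "big") + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:BLOCK]


class EncryptOnlyController:
    """Confidentiality only: any old ciphertext for an address decrypts
    cleanly, so nothing detects a replayed block."""

    def __init__(self, dram):
        self.key, self.dram = os.urandom(32), dram

    def store(self, addr, plaintext):
        self.dram.write(addr, _xor(plaintext, _keystream(self.key, addr, 0)))

    def load(self, addr):
        return _xor(self.dram.read(addr), _keystream(self.key, addr, 0))


class IntegrityError(Exception):
    pass


class AuthFreshController:
    """Confidentiality + integrity + freshness: a per-block version counter
    held on-chip (outside the attacker's reach) is bound into the MAC."""

    def __init__(self, dram):
        self.key, self.dram = os.urandom(32), dram
        self.counters = {}  # trusted on-chip state, never written to DRAM

    def _tag(self, addr, counter, ct):
        msg = b"mac" + addr.to_bytes(8, "big") + counter.to_bytes(8, "big") + ct
        return hmac.new(self.key, msg, hashlib.sha256).digest()[:16]

    def store(self, addr, plaintext):
        counter = self.counters.get(addr, 0) + 1
        self.counters[addr] = counter
        ct = _xor(plaintext, _keystream(self.key, addr, counter))
        self.dram.write(addr, ct + self._tag(addr, counter, ct))

    def load(self, addr):
        counter = self.counters.get(addr, 0)
        raw = self.dram.read(addr)
        ct, tag = raw[:BLOCK], raw[BLOCK:]
        if not hmac.compare_digest(tag, self._tag(addr, counter, ct)):
            raise IntegrityError(f"block {addr:#x} failed verification")
        return _xor(ct, _keystream(self.key, addr, counter))


PROTECTED = 0x1000  # address used by the trusted side (constructed)
ALIAS = 0x9000      # attacker-visible alias of the same cell (constructed)


def replay_via_alias(controller_cls):
    """Snapshot a block's ciphertext through the alias, let the trusted side
    overwrite the block, then write the snapshot back. Returns what the
    trusted side reads afterwards, or None if the controller rejected it."""
    dram = Dram(alias_of={ALIAS: PROTECTED})
    ctrl = controller_cls(dram)
    ctrl.store(PROTECTED, b"balance=00000100")
    snapshot = dram.read(ALIAS)       # stale ciphertext observed via alias
    ctrl.store(PROTECTED, b"balance=00000000")
    dram.write(ALIAS, snapshot)       # stale ciphertext written back
    try:
        return ctrl.load(PROTECTED)
    except IntegrityError:
        return None


def boot_alias_scan(dram, addrs):
    """Boot-time check: write a distinct pattern to each address and read
    back; an address whose pattern changed shares a cell with another.
    Returns the (address, aliased_to) pairs found."""
    for i, addr in enumerate(addrs):
        dram.write(addr, i.to_bytes(BLOCK, "big"))
    found = []
    for i, addr in enumerate(addrs):
        seen = int.from_bytes(dram.read(addr), "big")
        if seen != i:
            found.append((addr, addrs[seen]))
    return found
```

With the encrypt-only controller the trusted side reads back the stale `balance=00000100`; with the counter-bound MAC the same replay raises `IntegrityError`, which is the protection the summary says is traded away for scalability. The boot-time scan catches an alias that exists when the scan runs, but an alias introduced afterwards (the runtime address-bit flip the summary attributes to Battering RAM) is invisible to it, which is why detection at the memory controller, not only at boot, is the more robust answer.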