
Digital Event Horizon

Battling the Security of Trusted Execution Environments: A New Era of Exploits



New Attacks Discovered That Can Bypass Security Features of Trusted Execution Environments
Two new attacks, known as Battering RAM and Wiretap, have been discovered that can bypass the security features of Trusted Execution Environments (TEEs) used in modern computer systems. These attacks exploit the deterministic encryption scheme used by TEEs and have significant implications for the security of cloud-based services that rely on these systems.

  • Researchers have discovered two new attacks that can bypass the security features of Trusted Execution Environments (TEEs) used in modern computer systems.
  • Battering RAM and Wiretap are the names of these two attacks, which exploit deterministic encryption used by TEEs to protect sensitive data.
  • The attacks rely on weaknesses in the deterministic encryption scheme used by TEEs, which were previously thought to be secure.
  • Both attacks have significant implications for the security of cloud-based services that rely on TEEs and may allow attackers to access sensitive information without physical access.
  • The discovery highlights the need for stronger forms of encryption to protect against such attacks and underscores the ongoing cat-and-mouse game between security researchers and attackers.


    In a recent breakthrough, researchers have discovered two new attacks that can bypass the security features of Trusted Execution Environments (TEEs) used in modern computer systems. These attacks, known as Battering RAM and Wiretap, exploit the deterministic encryption used by TEEs to protect sensitive data from unauthorized access. The implications of these findings are far-reaching, and they have significant consequences for the security of cloud-based services that rely on TEEs.

    The first attack, dubbed Battering RAM, is a physical attack that uses a custom-built analog switch as an interposer between the processor and the memory chips. By creating memory aliases, the attacker can capture a victim's ciphertext and later replay it to decrypt valid plaintext when the victim reads it. This attack is particularly effective because it relies on the deterministic encryption used by TEEs.

    The second attack, Wiretap, maps observed ciphertext to a list of known plaintext words from which that ciphertext was derived. This allows the attacker to recover enough ciphertext to reconstruct the attestation key and extract sensitive data from the system. Both attacks take advantage of the weaknesses in the deterministic encryption scheme used by TEEs, which were previously thought to be secure.

    The researchers who discovered these attacks have emphasized that both Battering RAM and Wiretap are distinct attacks with their own advantages and disadvantages. While they share a common goal of exploiting the deterministic encryption scheme, they use different techniques and exploit different vulnerabilities in the system.

    The discovery of these attacks has significant implications for the security of cloud-based services that rely on TEEs. Many cloud providers have already invested heavily in these systems, which were designed to provide an additional layer of security and privacy for sensitive data. However, if an attacker can bypass this security feature, they may be able to access sensitive information without needing physical access to the system.

    The researchers involved in discovering these attacks have suggested that a stronger form of encryption is needed to protect against such attacks. While TEEs were designed to provide secure environments for sensitive data, they may not be sufficient to prevent all types of attacks.
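A toy model of the property both attacks depend on, added here as an illustration and not taken from the researchers' work or any vendor's implementation: memory encryption whose ciphertext depends only on key, address and plaintext, beside a variant that binds each write to a counter and a MAC. The HMAC-derived keystream, the class and function names, and the sample values are all constructed for the example and only stand in for the hardware cipher.

```python
import hmac, hashlib
KEY = b"constructed-demo-key"   # constructed; a real key never leaves the CPU

def prf(label: bytes, addr: int, ctr: int, data: bytes = b"") -> bytes:
    msg = label + addr.to_bytes(8, "big") + ctr.to_bytes(8, "big") + data
    return hmac.new(KEY, msg, hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class DeterministicMemory:
    """Ciphertext depends only on (key, address, plaintext): no freshness, no MAC."""
    def __init__(self):
        self.dram = {}          # untrusted: readable and writable on the memory bus
    def write(self, addr: int, pt: bytes) -> None:
        self.dram[addr] = xor(pt, prf(b"enc", addr, 0))
    def read(self, addr: int) -> bytes:
        return xor(self.dram[addr], prf(b"enc", addr, 0))

class FreshMemory:
    """Same toy cipher, plus a per-address write counter and a MAC over each block."""
    def __init__(self):
        self.dram, self.ctr = {}, {}   # ctr is trusted (assumed on-chip); dram is not
    def write(self, addr: int, pt: bytes) -> None:
        n = self.ctr[addr] = self.ctr.get(addr, 0) + 1
        ct = xor(pt, prf(b"enc", addr, n))
        self.dram[addr] = ct + prf(b"mac", addr, n, ct)
    def read(self, addr: int) -> bytes:
        n, blob = self.ctr[addr], self.dram[addr]
        ct, tag = blob[:-32], blob[-32:]
        if not hmac.compare_digest(tag, prf(b"mac", addr, n, ct)):
            raise ValueError("stale or tampered memory block")
        return xor(ct, prf(b"enc", addr, n))

def repeats_visible(mem) -> bool:   # same value written twice: same bus-visible bytes?
    mem.write(0x1000, b"attestation-key!")
    first = mem.dram[0x1000]
    mem.write(0x1000, b"attestation-key!")
    return mem.dram[0x1000] == first

def replay_accepted(mem) -> bool:   # old block restored after an overwrite: read succeeds?
    mem.write(0x2000, b"old-secret-value")
    captured = mem.dram[0x2000]
    mem.write(0x2000, b"new-secret-value")
    mem.dram[0x2000] = captured     # stale ciphertext placed back in DRAM
    try:
        return mem.read(0x2000) == b"old-secret-value"
    except ValueError:
        return False
```

The deterministic model returns `True` from both helpers, which is the repetition a ciphertext-to-plaintext dictionary needs and the stale read a replay needs; the counter-and-MAC model returns `False` from both.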

    In response to this discovery, chipmakers Intel and AMD have declined to comment on the record. However, both companies have stated that their respective TEEs are designed to protect against compromises of a piece of software or the operating system itself. Despite this limitation, many cloud services continue to trust assurances from the TEEs even when they have been compromised through physical attacks.

    The discovery of these attacks highlights the ongoing cat-and-mouse game between security researchers and attackers. As new vulnerabilities are discovered, it is essential for security experts to stay vigilant and work towards developing more secure systems that can protect against such attacks.





  • Published: Tue Sep 30 18:03:42 2025 by llama3.2 3B Q4_K_M










