Attestation mechanisms for trusted execution environments demystified
J Ménétrey, C Göttel, A Khurshid, M Pasin… - IFIP International …, 2022 - Springer
Attestation is a fundamental building block to establish trust over software systems. When
used in conjunction with trusted execution environments, it guarantees the genuineness of …
Hardware-based solutions for trusted cloud computing
O Demigha, R Larguet - Computers & Security, 2021 - Elsevier
The increasing number of threats targeting cloud computing and the exploitation of
specifically privileged software vulnerabilities have pushed the security managers of cloud …
Design and verification of the Arm Confidential Compute Architecture
The increasing use of sensitive private data in computing is matched by a growing concern
regarding data privacy. System software such as hypervisors and operating systems are …
CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel
AMD's Secure Encrypted Virtualization (SEV) is a hardware extension available in AMD's
EPYC server processors to support confidential cloud computing. While various prior studies …
One glitch to rule them all: Fault injection attacks against AMD's Secure Encrypted Virtualization
R Buhren, HN Jacob, T Krachenfels… - Proceedings of the 2021 …, 2021 - dl.acm.org
AMD Secure Encrypted Virtualization (SEV) offers protection mechanisms for virtual
machines in untrusted environments through memory and register encryption. To separate …
Exploiting unprotected I/O operations in AMD's Secure Encrypted Virtualization
AMD's Secure Encrypted Virtualization (SEV) is an emerging technology to secure virtual
machines (VM) even in the presence of malicious hypervisors. However, the lack of trust in …
A systematic look at ciphertext side channels on AMD SEV-SNP
Hardware-assisted memory encryption offers strong confidentiality guarantees for trusted
execution environments like Intel SGX and AMD SEV. However, a recent study by Li et al …
Insecure until proven updated: analyzing AMD SEV's remote attestation
R Buhren, C Werling, JP Seifert - Proceedings of the 2019 ACM SIGSAC …, 2019 - dl.acm.org
Cloud computing is one of the most prominent technologies to host Internet services that
unfortunately leads to an increased risk of data theft. Customers of cloud services have to …
SEVered: Subverting AMD's virtual machine encryption
AMD SEV is a hardware feature designed for the secure encryption of virtual machines. SEV
aims to protect virtual machine memory not only from other malicious guests and physical …
SEVurity: No security without integrity: Breaking integrity-free memory encryption with minimal assumptions
One reason for not adopting cloud services is the required trust in the cloud provider: As they
control the hypervisor, any data processed in the system is accessible to them. Full memory …