Researchers Reveal New TEE Fail Attack That Compromises Intel and AMD DDR5 Security

A groundbreaking security research project dubbed TEE.fail has exposed critical vulnerabilities in modern Trusted Execution Environments (TEEs) from Intel, AMD, and Nvidia, revealing that attackers can extract cryptographic keys through physical memory bus interposition using off-the-shelf equipment.

The research demonstrates that despite hardware-level security protections, physical attackers can compromise confidential computing environments by intercepting DDR5 memory traffic.

Breaking TEE Protections Through DDR5 Memory Interposition

The researchers developed a DDR5 DRAM bus interposer device, constructed from commodity electronic components and hand-soldered together, capable of capturing all memory transactions between processors and memory modules.

What makes this attack particularly concerning is that it works against fully patched systems running Intel TDX and AMD SEV-SNP with Ciphertext Hiding enabled, technologies specifically designed to protect virtual machine data and integrity from compromised hypervisors and root-level attackers.

The attack exploits a fundamental weakness in how Intel and AMD implement memory encryption. Both companies utilize deterministic encryption modes, meaning identical plaintext blocks encrypt to identical ciphertext blocks.

By observing patterns in encrypted memory traffic, such as repeated write operations, attackers can infer information about underlying data without decrypting it.

The researchers demonstrated this by showing how three memory write operations (zeros, ones, then zeros again) produce identical encrypted values for the first and third operations, allowing attackers to compare and analyze data relationships.
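The zeros / ones / zeros sequence described above, as an added illustration that is not part of the original article or the researchers' code. It simulates a deterministic, address-tweaked memory cipher with HMAC (a stand-in for the real block-cipher engine, chosen only because the property that matters here is that equal address and plaintext give equal ciphertext) and contrasts it with a per-write counter that removes the repetition; the 16-byte block size and the address `0x1000` are assumptions.

```python
import hashlib
import hmac
import os

BLOCK = 16  # assumed encryption granularity in bytes


def deterministic_encrypt(key: bytes, addr: int, plaintext: bytes) -> bytes:
    """Stand-in for a deterministic, address-tweaked memory cipher.

    Real engines use a block cipher; HMAC is used here only because the
    demonstration needs just one property: the same (address, plaintext)
    always produces the same ciphertext, which a bus observer can see.
    """
    assert len(plaintext) == BLOCK
    tweak = addr.to_bytes(8, "little")
    return hmac.new(key, tweak + plaintext, hashlib.sha256).digest()[:BLOCK]


def fresh_encrypt(key: bytes, addr: int, plaintext: bytes, counter: int) -> bytes:
    """Same construction with a per-write counter mixed into the tweak.

    The counter acts as a nonce, so rewriting the same value to the same
    address yields a different ciphertext. The price is that the counter
    must be stored and protected for every block.
    """
    assert len(plaintext) == BLOCK
    tweak = addr.to_bytes(8, "little") + counter.to_bytes(8, "little")
    return hmac.new(key, tweak + plaintext, hashlib.sha256).digest()[:BLOCK]


def bus_observer_equal_pairs(ciphertexts):
    """All an interposer can compute without the key: which captured
    write transactions carried byte-identical ciphertext."""
    return [(i, j) for i in range(len(ciphertexts))
            for j in range(i + 1, len(ciphertexts))
            if ciphertexts[i] == ciphertexts[j]]


def three_write_experiment(use_fresh_counter: bool):
    """Writes zeros, ones, zeros to one address and reports equal pairs."""
    key = os.urandom(32)  # CPU memory-encryption key, never seen by the observer
    addr = 0x1000
    writes = [b"\x00" * BLOCK, b"\xff" * BLOCK, b"\x00" * BLOCK]
    captured = []
    for n, block in enumerate(writes):
        if use_fresh_counter:
            captured.append(fresh_encrypt(key, addr, block, n))
        else:
            captured.append(deterministic_encrypt(key, addr, block))
    return bus_observer_equal_pairs(captured)


if __name__ == "__main__":
    print("deterministic:", three_write_experiment(False))  # [(0, 2)]
    print("with counter: ", three_write_experiment(True))   # []
```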

Most alarmingly, the team successfully extracted ECDSA attestation keys from Intel’s Provisioning Certification Enclave (PCE) in a single signing operation, then forged valid TDX attestation quotes that passed verification using Intel’s official DCAP Quote Verification Library.

These forged quotes carry the highest trust level designation, “UpToDate,” suggesting they originated from legitimate, up-to-date hardware: a critical breakthrough that enables downstream attacks.

From CPUs to GPUs: Expanding Attack Surface

The vulnerability extends beyond CPU-based TEEs to Nvidia’s GPU Confidential Computing. By extracting attestation keys from Intel machines, researchers demonstrated how to compromise Nvidia’s GPU security, potentially allowing unauthorized execution of AI workloads without TEE protections.

This cross-platform compromise capability significantly amplifies the threat landscape. Perhaps most troubling, researchers developed a portable briefcase version of their interposer that fits under airplane seats, a sobering reminder of how straightforward physical access attacks have become.

The attack requires no software-level exploitation, making traditional patch-based mitigations ineffective.

Their analysis suggests that compromised attestation keys could be leveraged to extract significant financial value from cryptocurrency services and cloud computing platforms that rely on TEE-based security guarantees.

The research was conducted by teams from Georgia Tech and Purdue University with support from AFOSR.

This work fundamentally challenges assumptions about hardware-rooted security in cloud environments and suggests that physical access protections remain critically important despite technological advances in confidential computing.

Priya
Priya is a Security Reporter who tracks malware campaigns, exploit kits, and ransomware operations. Her reporting highlights technical indicators and attack patterns that matter to defenders.
