Attacks against AMD SEV

Supervisor(s):	Mathias Morbitzer
Status:	inprogress
Topic:	Software testing
Author:	Marko Dorfhuber
Type of Thesis:	Masterthesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching
Description Motivation Recently, AMD introduced AMD SEV - a trusted execution environment that protects virtual machines from a malicious hypervisor. This is for example relevant in cloud environments, in which customers host their virtual machines in an environment controlled by another party. However, research has shown that the missing integrity protection in AMD SEV allows for attacks . An example is the so-called SEVered attack. (https://www.theregister.co.uk/2018/05/25/amd_epyc_sev_vm_encryption_bypass/) For this thesis we would like to analyze which additional attacks can be launched due to the missing integrity protection. Task description You will get in touch with the following topics: Trusted Execution Environments, such as Intel SGX, ARM TrustZone and AMD SEV Operating System basics Programming in C(++) Scripting in Bash/Python Existing in-depth knowledge in any of the areas is not required. Generation of own ideas is desired and creative work is encouraged. Contact Fraunhofer Institute for Applied and Integrated Security (AISEC) Mathias Morbitzer Email: mathias.morbitzer@aisec.fraunhofer.de Phone: +49 89 322-9986-164

Description