Description
Motivation
Recently, AMD introduced AMD SEV, a trusted execution environment that protects virtual machines from a malicious hypervisor. This is relevant, for example, in cloud environments, where customers host their virtual machines in an environment controlled by another party.
However, research has shown that the missing integrity protection in AMD SEV allows for attacks. An example is the so-called SEVered attack (https://www.theregister.co.uk/2018/05/25/amd_epyc_sev_vm_encryption_bypass/).
For this thesis, we would like to analyze which additional attacks can be launched due to the missing integrity protection.
Task description
You will work with the following topics:
- Trusted Execution Environments, such as Intel SGX, ARM TrustZone and AMD SEV
- Operating System basics
- Programming in C(++)
- Scripting in Bash/Python
Prior in-depth knowledge of any of these areas is not required. Your own ideas are welcome, and creative work is encouraged.
Contact
Fraunhofer Institute for Applied and Integrated Security (AISEC)
Mathias Morbitzer
Email: mathias.morbitzer@aisec.fraunhofer.de
Phone: +49 89 322-9986-164