Four researchers from the Fraunhofer Institute for Applied and Integrated Safety in Munich, Germany have published a research paper this week detailing a method of recovering data that is normally encrypted by AMD's Secure Encrypted Virtualization (SEV), a safety mechanism designed to encrypt the data of virtual machines running on servers with AMD CPUs.

The research team says their attack, which they named SEVered, is capable of recovering plaintext memory data from guest VMs running on the same server as the VM that's under attack, which should normally be encrypted by AMD SEV.

SEVered attack can recover data from encrypted VMs

"By repeatedly sending requests for the same resource to the service while re-mapping the identified memory pages, we extract all the VM’s memory in plaintext," researchers said in their paper, entitled "SEVered: Subverting AMD’s Virtual Machine Encryption."

SEVered attack

The attack is successful because the VM stores some of its data inside the main RAM memory, and "the page-wise encryption of main memory lacks integrity protection." This allows an attacker to map out the entire memory and then requests parts used by other nearby VMs, of which the attacked guest VM shouldn't be able to access, let alone in plaintext.

During tests of their attack, researchers said they were able to retrieve a test server's entire 2GB memory, including data from a guest VM.

Researchers achieved the best results by bombarding Apache and nginx with repeated requests, retrieving memory data at a speed of 79.4 KB/sec, while an attack on OpenSSH was slower, retrieving data at only 41.6 KB/sec.

SEV doesn't work as it was intended to work

A severe limitation that reduces the attack feasibility is the fact that an attacker needs admin rights to modify a server's hypervisor to carry out a SEVered attack, something that may be out of the reach of some intruders renting a guest VM if the server is kept up to date with security patches. But even if the attack requires admin access, SEVered is still worrisome because it reveals that SEV doesn't work as it was intended to work, as SEV was designed to protect against this types of attacks in the first place by encrypting data and putting it out of the reach of attackers with physical access or malicious apps running on the same system.

The research team also added that their SEVered attack isn't hindered by maxed out servers, being able to retrieve memory data even when the targeted VM is under a high load.

The team's work was showcased last month at the 11th European Workshop on Systems Security, held in Porto, Portugal.

For their test rig, researchers used an AMD Epyc 7251 processor, an AMD CPU meant for data centers, released in June 2017.

Related Articles:

Spectre and Meltdown Hardware Protection Added to Intel's 9th Gen CPUs

The Intel Microcode Boot Loader Protects Older CPUs From Spectre

Company Pretends to Decrypt Ransomware But Just Pays Ransom

Tech Support Scams Using Multiple Obfuscation Methods to Bypass Detection

Microsoft Releases Info on Protecting BitLocker From DMA Attacks