[gabeio]

(quote from link)

> The key is generated by the AMD Secure Processor at boot.

Wouldn't this key _also_ be accessible? Maybe not on the same _chip_ but it's still at some level in a memory chip somewhere, they would just need to find it?

[Cody-99]

It isn't nearly as easy since the key never leaves the inside of the CPU. The key never goes to main memory or is exposed outside of the part used to encrypt/decrypt memory inside the CPU. Attacking a specific register instead the 'secure' enclave of a CPU is much harder than attacks like the OP where your rip out the RAM.

This type of system has been used pretty successfully for nearly a decade on the AMD SOCs used in the XBOX consoles.

[wtallis]

Possibly, but now you have only one circuit to harden against such attacks, and you can continue using commodity DRAM ICs and modules.

[sneak]

It's stored inside the CPU of the secure element, in something like a register. Otherwise both the key and the ciphertext would be in the ram and the protection would be pointless.

[dhx]

Seemingly it'd be possible to attack an operating memory controller by etching with a laser, editing the circuit with a Focused Ion Beam (FIB) machine and putting some probes down to extract the key. But it's then an arms race with chip manufacturers who would try and bake in ever more sophisticated and complex tamper-detection to their chips.

Look up Christopher Tarnovsky talks from Black Hat 2009, Black Hat 2010, DEF CON 20, hardwear.io 2019.