Hacker News new | ask | show | jobs
by ongy 1033 days ago
Yes and no. Mostly no IMO

The memory encryption features are a solution to very specific problems.

If the CPU is able to access the memory, then any exploit that gains the execution context of the legitimate user can also access the memory. If it doesn't, the normal memory access control should be enough.

I'm iffy on how well they protect against the various side channels. Mostly because I haven't looked far enough into it.

IME it protects against cold boot attacks, a theoretic attack of a logic analyzer on the memory bus, and potentially to some degree unbounded reads. But the latter only with very limited gadgets.
2 comments
dlgeek 1032 days ago
Should protect against warm boot attacks since the key is supposed to be reset on CPU reboot.
link
brohee 1033 days ago
Yeah I was unclear, it's supposed to address the physical attacks part. If no key leaves the CPU unwrapped, it's down to software exploits and decapping the CPU...
link
ongy 1033 days ago
Gotcha. Yes

There's also this project https://www.cs1.tf.fau.de/research/system-security-group/tre... which reserves some CPU registers (iirc. A hardware aes accelerator on one core) to prevent key leakage.

link