
Plundering of crypto keys from ultrasecure SGX sends Intel scrambling again - ColinWright
https://arstechnica.com/information-technology/2020/06/new-exploits-plunder-crypto-keys-and-more-from-intels-ultrasecure-sgx/
======
robocat
The important part of the article comes half way through, under the heading
“But wait... there’s also CrossTalk“.

“The second SGX attack is notable because it’s based on a previously unknown
side channel created by an undocumented buffer that all Intel CPU cores use.
This ‘staging buffer,’ as researchers from Vrije University in Amsterdam and
ETH Zurich call it, retains the results of previously executed offcore
instructions across all CPU cores. [snip] First, the staging buffer retains
output from RDRAND and RDSEED“

“Equally important, the side channel provided by this newly discovered staging
buffer allowed the attackers to create the world’s first-known speculative
execution attack that works across CPU cores.” Disabling Intel SMT
(hyperthreading) does not protect from this attack.

I also like the comment: “Most of these attacks are targeted at the data
center.” riposte: “Even if you are completely unconcerned with your machine
being a security swiss cheese, [snip] every time Intel patches a mitigation,
performance tanks.”

