Researchers from Georgia Tech and Purdue have demonstrated that Intel SGX’s security guarantees can be bypassed on DDR4 systems using a physical interposer device called WireTap. This attack allows malicious actors to extract SGX attestation keys and compromise data confidentiality and integrity in trusted execution environments.
Key points
- SGX’s security can be bypassed through physical memory traffic interception with the WireTap device.
- The attack exploits deterministic memory encryption to recover cryptographic keys from SGX enclaves.
- WireTap and Battering RAM are two low-cost methods to break SGX’s confidentiality and integrity protections.
- The research outlines potential risks to blockchain platforms using SGX for secure transactions.
- Intel states that this attack falls outside its threat model because it requires physical access to the hardware.
Read More: https://thehackernews.com/2025/10/new-wiretap-attack-extracts-intel-sgx.html