Researchers Question Security in AMD’s Upcoming Zen Chips

Two German researchers are calling into question the security afforded by AMD’s Secure Encrypted Virtualization feature debuting in the chip maker’s upcoming Zen server chips.

As more computing heads to the clouds, security researchers are questioning the security of virtual machine control panels called hypervisors. One of the first hardware-based solutions to address these concerns will be deployed by chip manufacturer AMD, called Secure Encrypted Virtualization. The feature is part of its upcoming x86 AMD Zen server family of microprocessors, slated to be released in the second quarter of 2017.

But two German researchers are calling into question the security afforded by SEV, which is a processor extension that encrypts (using AES) guest memory in order to prevent a potentially malicious hypervisor from accessing guest data on virtual machines.

“We found that the currently proposed version of SEV is not up to the task owing to three design shortcomings,” according to Felicitas Hetzelt and Robert Buhren of the Technical University of Berlin who recently co-authored a technical review of the technology.

Because the AMD Zen chips are not yet available, researchers based their conclusions on publicly available documentation of the feature provided by AMD (PDF). In their analysis, researchers stressed that they cannot say for sure how attacks might apply to SEV on a real system.

AMD, in a short statement to Threatpost regarding the research study, said: “There are no AMD products in market with SEV, so it’s important to understand there is no existing vulnerability.”

Researchers say similar security approaches exist to protect data from malicious hypervisors, such as HyperWall and HyperCoffer. AMD hopes to bring that protection to the chip level and at the same time gain an edge over arch rival Intel, which does not yet have a similar hardware-based solution.

However, in their academic paper, Hetzelt and Buhren challenge AMD’s security assumptions that the SEV feature can thwart a malicious hypervisor controlled by a hacker from attacking virtual machines. The researchers were able to create three successful proof-of-concept attacks against SEV. They maintain that the SEV security measure can be fully circumvented under three scenarios.

“First, as with standard (AMD virtualization), under SEV, the virtual machine control block is not encrypted and handled directly by the hypervisor, allowing him to bypass VM memory encryption by executing conveniently chosen gadgets. Secondly, the general purpose registers are not encrypted upon vmexit, leaking potentially sensitive data. Finally, the control of the nested pagetables allows a malicious hypervisor to closely control the execution of a VM and attack it with memory replay attacks.”

Researchers explain that a system that can ensure the confidentiality of encryption keys in a virtual machine independently of whether the hypervisor has been compromised or not has a great potential to become widely used. Hence, the reports attention to a yet-to-be released AMD product.

“Although we discovered serious design issues of AMD’s SEV, we still think that the technology is promising considering the mitigations discussed in this paper,” Hetzelt and Buhren wrote.

This story was updated at 5:30 p.m. ET 12/8 to reflect the use of Advanced Encryption Standard (AES) as the specification used to protect guest memory within AMD’s Secure Encrypted Virtualization feature.

Suggested articles


  • looncraz on

    They make a lot of assumptions about how the implementation will actually be exposed to software. GP registers, for example, would likely be cleared or encrypted by software rather than hardware merely for flexibility reasons.
  • freinn on

    Is Intel scared? Seems so
  • Kenmoji on

    Firstly the are no single encryption method that can stop all possible attacks. Secondly there are no current SEV systems inside of chips. And thirdly AMD's use of SEV doesn't have to stop all possible attacks, as the researchers noted that SEV nice to have, and Intel has yet to implement.
  • Virgillionaire on

    *Funded by Intel
  • Smartroad on

    The researchers weren't employed by Intel by any chance? Hehe ;)
  • Chris on

    Im sure.. no mater how good initially the security is, eventually someone will find a way to breach it. And then some website journalist will find reason to bash AMD's efforts..And then go on to say team blue has better etc etc. And to top it off 100's of website bots will say the same junk in unimaginatively different ways and w/e has been said will become the gospel.. Its always the same, no one ever waits to see whats what....the chip IS slower than team blue, but price for price in multi thread operations Team red are at it again on paper flattening the other team. WAIT AND SEE.. the real hype should be on whatever Zen + is about, and all it might bring to the table not Zen.. ZEN is the clutch the main drive is Zen+..GOOD LUCK TEAM RED, we look forward to ZEN+ and what team blue have to offer at the same time dollar for dollar.This security thing is better currently then what both teams have out there.. to note it doesn't even have to be used.
  • Jeff on

    SGX anyone?
  • simon on

    yep funded by intel i believe ,intel have exactly the same vulnerabilities, vurtual cores ie hyperthreading as intel calls it vertual machines are not exactly the same as actual cores not as flexible or as responsive ,so yes i believe intel are very worried serves them right really they ve had it good for too long in my book , ive been with amd for three years and zen will be fantastic , i will get zen straight away

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.