TEE.Fail Side-Channel Attack Targets Intel and AMD DDR5 Secure Enclaves
Summary
Hide ▲
Show ▼
A new side-channel attack, TEE.Fail, allows extraction of secrets from secure enclaves in Intel and AMD DDR5 systems. Researchers from Georgia Tech, Purdue University, and Synkhronix developed the attack, which uses an interposition device to inspect memory traffic and extract cryptographic keys. The attack affects Intel's SGX, TDX, and AMD's SEV-SNP with Ciphertext Hiding. The attack leverages the deterministic nature of AES-XTS encryption, enabling the extraction of data from confidential virtual machines (CVMs) and compromising attestation processes. The researchers demonstrated the attack's capability to undermine Nvidia's GPU Confidential Computing and extract private signing keys from OpenSSL's ECDSA implementation. Both AMD and Intel have stated that physical vector attacks are out of scope for their security measures, and no mitigations are planned.
Timeline
-
28.10.2025 21:16 1 articles · 13d ago
TEE.Fail Side-Channel Attack Disclosed for Intel and AMD DDR5 Systems
Researchers from Georgia Tech, Purdue University, and Synkhronix disclosed a new side-channel attack, TEE.Fail, targeting Intel and AMD DDR5 systems. The attack uses an interposition device to inspect memory traffic and extract cryptographic keys from secure enclaves. The attack affects Intel's SGX, TDX, and AMD's SEV-SNP with Ciphertext Hiding. The researchers demonstrated the attack's capability to compromise Nvidia's GPU Confidential Computing and extract private signing keys from OpenSSL's ECDSA implementation. Both AMD and Intel have stated that physical vector attacks are out of scope for their security measures, and no mitigations are planned.
Show sources
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — thehackernews.com — 28.10.2025 21:16
Information Snippets
-
TEE.Fail is a side-channel attack targeting Intel's SGX, TDX, and AMD's SEV-SNP with Ciphertext Hiding.
First reported: 28.10.2025 21:161 source, 1 articleShow sources
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — thehackernews.com — 28.10.2025 21:16
-
The attack uses an interposition device built with off-the-shelf equipment costing under $1,000.
First reported: 28.10.2025 21:161 source, 1 articleShow sources
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — thehackernews.com — 28.10.2025 21:16
-
The attack exploits the deterministic nature of AES-XTS encryption used by Intel and AMD.
First reported: 28.10.2025 21:161 source, 1 articleShow sources
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — thehackernews.com — 28.10.2025 21:16
-
TEE.Fail can extract cryptographic keys, including ECDSA attestation keys from Intel's PCE.
First reported: 28.10.2025 21:161 source, 1 articleShow sources
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — thehackernews.com — 28.10.2025 21:16
-
The attack can compromise Nvidia's GPU Confidential Computing and extract private signing keys from OpenSSL's ECDSA implementation.
First reported: 28.10.2025 21:161 source, 1 articleShow sources
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — thehackernews.com — 28.10.2025 21:16
-
AMD and Intel have stated that physical vector attacks are out of scope for their security measures.
First reported: 28.10.2025 21:161 source, 1 articleShow sources
- New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves — thehackernews.com — 28.10.2025 21:16