Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble

Kit Murdock; David Oswald; Flavio Garcia; Jo Van Bulck; Daniel Gruss; Frank Piessens

doi:10.1109/MSEC.2020.2990495

Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble

Kit Murdock, David Oswald, Flavio Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens

Computer Science

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

464 Downloads (Pure)

Abstract

Historically, fault injection was the realm of adversaries with physical access. This changed when research revealed that remote attackers could use software to inject faults. Plundervolt is a new software-based attack on Intel’s trusted execution technology (SGX). Plundervolt can break cryptography and inject memory-safety bugs into secure code.

Original language	English
Article number	9104908
Pages (from-to)	28-37
Journal	IEEE Security & Privacy Magazine
Volume	18
Issue number	5
Early online date	1 Jun 2020
DOIs	https://doi.org/10.1109/MSEC.2020.2990495
Publication status	Published - 1 Sept 2020

ASJC Scopus subject areas

Computer Networks and Communications
Electrical and Electronic Engineering
Law

Access to Document

10.1109/MSEC.2020.2990495

Plundervolt__How a little bitAccepted author manuscript, 498 KB

https://ieeexplore.ieee.org/document/9104908/

User-controlled hardware security anchors: evaluation and designs
Garcia, F. (Co-Investigator), Oswald, D. (Co-Investigator) & Ryan, M. (Principal Investigator)
Engineering & Physical Science Research Council, Hewlett-Packard Incorporated Uk Ltd
1/02/18 → 31/03/25
Project: Research

Cite this

@article{3df548306bd94a96bb20f5e5e7e9aeae,

title = "Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble",

abstract = "Historically, fault injection was the realm of adversaries with physical access. This changed when research revealed that remote attackers could use software to inject faults. Plundervolt is a new software-based attack on Intel{\textquoteright}s trusted execution technology (SGX). Plundervolt can break cryptography and inject memory-safety bugs into secure code.",

author = "Kit Murdock and David Oswald and Flavio Garcia and {Van Bulck}, Jo and Daniel Gruss and Frank Piessens",

year = "2020",

month = sep,

day = "1",

doi = "10.1109/MSEC.2020.2990495",

language = "English",

volume = "18",

pages = "28--37",

journal = "IEEE Security & Privacy Magazine",

issn = "1540-7993",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

number = "5",

}

TY - JOUR

T1 - Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble

AU - Murdock, Kit

AU - Oswald, David

AU - Garcia, Flavio

AU - Van Bulck, Jo

AU - Gruss, Daniel

AU - Piessens, Frank

PY - 2020/9/1

Y1 - 2020/9/1

N2 - Historically, fault injection was the realm of adversaries with physical access. This changed when research revealed that remote attackers could use software to inject faults. Plundervolt is a new software-based attack on Intel’s trusted execution technology (SGX). Plundervolt can break cryptography and inject memory-safety bugs into secure code.

AB - Historically, fault injection was the realm of adversaries with physical access. This changed when research revealed that remote attackers could use software to inject faults. Plundervolt is a new software-based attack on Intel’s trusted execution technology (SGX). Plundervolt can break cryptography and inject memory-safety bugs into secure code.

UR - http://www.scopus.com/inward/record.url?scp=85086221616&partnerID=8YFLogxK

U2 - 10.1109/MSEC.2020.2990495

DO - 10.1109/MSEC.2020.2990495

M3 - Article

SN - 1540-7993

VL - 18

SP - 28

EP - 37

JO - IEEE Security & Privacy Magazine

JF - IEEE Security & Privacy Magazine

IS - 5

M1 - 9104908

ER -

Plundervolt: How a Little Bit of Undervolting Can Create a Lot of Trouble

Abstract

ASJC Scopus subject areas

Access to Document

Fingerprint

Projects

User-controlled hardware security anchors: evaluation and designs

Cite this