Presented at
Black Hat USA 2022,
Aug. 10, 2022, 3:20 p.m.
(40 minutes)
This session covers the tunable replica circuit (TRC), a fault-injection detection circuit that has been integrated into Intel® Converged Security and Management Engine (Intel® CSME) in the recent 12th Gen Intel® Core™ Processor. This is Intel's first foray into active fault-injection attack detection in high-volume products such as CPUs and chipsets.
Ultimately, since a timing failure is the primary goal of fault-injection attacks and has been shown as the vehicle to cause unsigned code to run on other security engines, using the TRC to explicitly detect timing failures is Intel's current approach to fault-injection detection in client security engines. Unlike traditional analog voltage and clock monitors, the TRC detects timing failures that result from voltage, clock, temperature, and other glitch attacks, such as electromagnetic radiation. This session will introduce the TRC technology, how the TRC was integrated into Intel CSME, the process for calibrating the TRC in high volume manufacturing (HVM), as well as the false-positive and fault-injection testing that occurred in our physical attack labs.
Presenters:
-
Carlos Tokunaga
- Principal Engineer, Intel Labs, Intel Corporation
Carlos Tokunaga is a principal engineer in Intel Labs specializing in circuit design. His expertise includes the invention of circuits to detect aging in silicon, timing failures as well as fault-injection detection circuits and countermeasures.
-
Daniel Nemiroff
- Senior Principal Engineer , Intel Corporation
Daniel Nemiroff is a senior principal engineer in Intel's Product Assurance and Security organization with 27 years of industry experience. In 2005, Daniel's primary role moved to security where he has been responsible for Intel's integrated and discrete graphics security controllers, Intel's integrated TPM (AKA Platform Trust Technology), Intel's DRM solutions, remote attestation and recovery protocols. At present, he is partnering with XPU teams to drive a common architecture for confidential compute and is responsible for the fault-injection detection technology strategy and integration into client platforms. Daniel holds 45 granted or pending patents in security and storage technologies. Outside work Daniel is a 2nd degree black-belt in Shotokan Karate, an amateur triathlete, and enjoys building tree houses for his children.
Links:
Similar Presentations: