Paper 2025/079

Uncovering Security Vulnerabilities in Intel Trust Domain Extensions

Upasana Mandal, Indian Institute of Technology Kharagpur
Shubhi Shukla, Indian Institute of Technology Kharagpur
Nimish Mishra, Indian Institute of Technology Kharagpur
Sarani Bhattacharya, Indian Institute of Technology Kharagpur
Paritosh Saxena, Intel (United States)
Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur
Abstract

Intel Trust Domain Extensions (TDX) has emerged as a crucial technology aimed at strengthening the isolation and security guarantees of virtual machines, especially as the demand for secure computation grows substantially. Despite the protections TDX offers, in this work we examine its security claims in depth and uncover a subtle observation about TDX. These findings undermine TDX's core security guarantees by breaching the isolation between the Virtual Machine Manager (VMM) and Trust Domains (TDs). In this work, for the first time, we show through a series of experiments that performance counters can also be exploited by the VMM to differentiate between the activities of an idle and an active TD. The root cause of this leakage is core contention, which occurs when the VMM itself, or a process executed by the VMM, runs on the same core as the TD. Due to resource contention on the core, the effects of the TD's computations become observable in the performance monitors collected by the VMM. This finding underscores the critical need for enhanced protections to close these gaps within advanced virtualized environments.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Microarchitecture attacks, Intel TDX, Performance Counters
Contact author(s)
mandal up98 @ gmail com
shubhishukla @ kgpian iitkgp ac in
neelam nimish @ gmail com
sarani @ cse iitkgp ac in
paritosh saxena @ intel com
debdeep mukhopadhyay @ gmail com
History
2025-01-20: approved
2025-01-18: received
Short URL
https://ia.cr/2025/079
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX

@misc{cryptoeprint:2025/079,
      author = {Upasana Mandal and Shubhi Shukla and Nimish Mishra and Sarani Bhattacharya and Paritosh Saxena and Debdeep Mukhopadhyay},
      title = {Uncovering Security Vulnerabilities in Intel Trust Domain Extensions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/079},
      year = {2025},
      url = {https://eprint.iacr.org/2025/079}
}