07.05.2026
Past the Perimeter: Low-Cost Memory Interposer Attacks on Confidential Computing
Abstract
As cloud computing adoption grows, so do concerns about trust and data privacy. Confidential computing, powered by innovative hardware technologies like Intel SGX and AMD SEV, promises strong isolation and transparent memory encryption to protect against privileged attackers and physical threats such as bus snooping and cold boot attacks.
This talk overviews our recent work on BadRAM and BatteringRAM, showing that state-of-the-art memory encryption can be reliably bypassed with limited physical access and ~$50 of custom hardware. By introducing a novel form of runtime memory aliasing, we defeat even the firmware defenses deployed in response to our earlier findings; ultimately exposing fundamental limitations in today's scalable confidential computing designs.
Bio
Jo Van Bulck is a professor in the DistriNet lab at the Department of Computer Science of KU Leuven, Belgium. His research explores attacks and defenses at the hardware-software boundary, with particular attention to privileged side channels in trusted execution environments. Jo's research has uncovered several innovative attack vectors in commodity Intel x86 processors that have led to microcode and silicon mitigations in hardware, as well as software patches in major operating systems and compilers.
Photo provided by speaker
As cloud computing adoption grows, so do concerns about trust and data privacy. Confidential computing, powered by innovative hardware technologies like Intel SGX and AMD SEV, promises strong isolation and transparent memory encryption to protect against privileged attackers and physical threats such as bus snooping and cold boot attacks.
This talk overviews our recent work on BadRAM and BatteringRAM, showing that state-of-the-art memory encryption can be reliably bypassed with limited physical access and ~$50 of custom hardware. By introducing a novel form of runtime memory aliasing, we defeat even the firmware defenses deployed in response to our earlier findings; ultimately exposing fundamental limitations in today's scalable confidential computing designs.
Bio
Jo Van Bulck is a professor in the DistriNet lab at the Department of Computer Science of KU Leuven, Belgium. His research explores attacks and defenses at the hardware-software boundary, with particular attention to privileged side channels in trusted execution environments. Jo's research has uncovered several innovative attack vectors in commodity Intel x86 processors that have led to microcode and silicon mitigations in hardware, as well as software patches in major operating systems and compilers.
Photo provided by speaker