Oct 28, 2025

Secret Labs Response to TEE.Fail DDR5 Vulnerability

Earlier today, researchers disclosed tee.fail, a new class of attacks targeting Intel SGX and Intel TDX (Trust Domain Extensions) on 4th and 5th Gen Intel Xeon Scalable Processors and on Intel Xeon 6 Processors. In essence, this attack is an extension of the wiretap.fail attack disclosed in September this year, which targets 3rd Gen Intel Xeon Scalable Processors.

This vulnerability may allow an attacker with physical access to forge SGX and TDX attestations on the affected systems.

After reviewing the report and evaluating our systems, we can state the following:

Secret Network

No action is required from users or node operators of Secret Network.

Neither data nor funds are at risk.

This attack is essentially an extension of the wiretap.fail attack to additional processor models.

Secret Network has already implemented mitigations against the wiretap.fail attack and laid out a plan for further network improvements, as was disclosed at length in our post here.

SecretAI and SecretVM Products

All systems continue to operate securely, and there are no mitigation steps required by users of SecretAI or SecretVM.

Our infrastructure and threat model

All SecretVM and SecretAI servers are currently operated by us and hosted with certified cloud service providers.

Outside attackers would not gain anything from mounting such an attack against SecretVM or SecretAI instances. Indeed, they would need to redirect the legitimate traffic from users to their fraudulent servers to get any unauthorized access to data whatsoever.

Physical access requirement

The attack requires direct physical access to a machine, soldering wires and connecting specialized equipment, something that is effectively impossible in a data center, where access is tightly controlled and monitored by certified cloud providers.

Defence in depth: introducing Proof of Cloud

For defence in depth, we partnered with Phala, Near, Oasis, Nillion and other leading TEE projects to launch Proof of Cloud: a consortium of TEE operators who will cross-verify the provenance of each other’s servers and attest that they are indeed located within cloud providers that prevent physical access. New providers will be able to join by verifying the provenance of their hardware and run SecretVMs securely.

This initiative will help strengthen the global confidential computing ecosystem through transparency and mutual verification. 

We’re working with Intel and leading TEE networks to standardize Proof-of-Cloud as an industry-wide trust framework.

Please visit www.proofofcloud.org for more information on the initiative and its growing list of members.

Summary

  • No action items for customers; no data or funds are at risk.
  • The attack requires physical access, which is essentially impossible in our cloud environments.
  • The ProofOfCloud initiative adds cross-verification and transparency across TEE operators, ensuring that the servers are not susceptible to physical attacks.
  • We remain in close collaboration with Intel on long-term mitigations.
