Masu haɓaka ƙungiyar Google Cloud sun gano yanayin rauni (CVE-2019-9836) a cikin aiwatar da fasahar AMD SEV (amintaccen ɓoyayyiyar hanya mai amfani), wanda zai iya daidaita bayanan kariya ta wannan fasaha.
AMD SEV a matakin kayan aikie yana samar da ɓoyayyen ƙwaƙwalwar ajiya na injunan kamala, inda kawai tsarin baƙi na yanzu ke da damar yin amfani da bayanan da aka ɓata, yayin da sauran injunan kama-da-wane da kuma mai kulawa da hypervisor suke samun ɓoyayyen bayanan lokacin da suka sami damar wannan ƙwaƙwalwar.
Matsalar da aka gano tana ba da damar dawo da abubuwan cikin maɓallin keɓaɓɓen maɓallin PDH wanda aka sarrafa a matakin mai sarrafa PSP guda ɗaya (AMD Security Processor) wanda ba shi da babban tsarin aiki.
Ta hanyar samun mabuɗin PDH, maharin na iya dawo da maɓallin zaman da jerin sirrin ƙayyade lokacin ƙirƙirar na'ura mai mahimmanci da samun damar ɓoyayyen bayanan.
Raunin yanayin ya faru ne saboda kurakurai a cikin aiwatar da lankwasassun elliptic (ECC) an yi amfani dashi don ɓoyewa, wanda ke ba da damar kai hari don dawo da sigogin ƙirar.
Yayin aiwatar da umarnin farawa na inji mai kariya, maharin na iya aika sigogin lanƙwasa waɗanda basu dace da sigogin da NIST ta ba da shawarar ba, wanda zai haifar da amfani da ƙimar mahimman tsari a cikin ayyukan haɓaka tare da bayanai daga madanni mai zaman kansa
An gano aiwatar da SEV na Elliptical Curve (ECC) mai saukin kamuwa da kai tsaye. A umarnin fara farawa, mai kawo hari zai iya aikawa
Orderaramar umarnin ECC ba su cikin layin NIST na hukuma, kuma suna tilasta wajan SEV firmware ya ninka ƙaramar ma'ana ta DH mai zaman kansa na ma'aunin tsafi.
Ta hanyar tattara isassun kayan shara, mai kai hari zai iya dawo da cikakken maɓallin keɓaɓɓen PDH. Tare da PDH, mai kai hari zai iya dawo da maɓallin zaman kuma ya ƙaddamar da sirrin inji mai kama da tsari. Wannan ya karya garantin sirrin da SEV ya bayar.
Tsaron yarjejeniyar ECDH ya dogara kai tsaye kan tsari na farkon farawa na kwana, wanda keɓaɓɓiyar logarithm aiki ne mai rikitarwa.
A ɗayan matakan don fara yanayin AMD SEV, ana amfani da sigogin da aka samo daga mai amfani a cikin lissafi tare da maɓallin keɓaɓɓe.
Ainihin, ana yin aikin ninka maki biyu, ɗayan yana dacewa da maɓallin keɓaɓɓe.
Idan aya ta biyu tana nuni da lambobi masu karancin tsari, to maharan na iya tantance sigogin maki na farko (raunin modulo da aka yi amfani da shi a cikin aiki modulo aiki) ta hanyar zayyana duk wasu dabi'u. Za'a iya haɗar da zaɓaɓɓun gutsuren lambobi don ƙayyade maɓallin keɓaɓɓu ta amfani da ka'idar Sinanci akan saura.
Harin kai tsaye mara inganci shine inda ake yin ninkin maki ECDH a kan lankwasa daban - sigogi daban-daban (a, b). Ana yin wannan a cikin gajeren aikin Weierstrass na maki tunda aikin 'b "ba shi da amfani.
A kan wannan ƙirar, ma'anar tana da ƙaramin tsari na farko. Ta hanyar gwada duk ƙimar da za a iya amfani da shi don ƙaramin tsari, mai kawo hari zai iya dawo da rarar ma'aunin masu zaman kansu (tsara tsarin).
AMD EPYC dandamali na uwar garken ta amfani da SEV firmware har zuwa version 0.17 gina 11 matsala ce.
AMD ya riga ya sake sabunta firmware, wanda ya ƙara makulli kan amfani da maki wanda bai yi daidai da ƙirar NIST ba.
A lokaci guda, takaddun takaddun da aka ƙirƙira a baya don maɓallan PDH suna nan suna aiki, suna ba maharin damar aiwatar da hari kan ƙaurawar inji mai ƙaura daga muhallin da ke da kariya daga rauni ga waɗanda ke ƙarƙashin matsalar.
Har ila yau, an ambaci yiwuwar yin samame a kan firmware wacce ta gabata, amma har yanzu ba a tabbatar da wannan fasalin ba.
Source: https://seclists.org/