“`html
A recently revealed flaw, dubbed the WireTap attack, permits individuals with direct physical access to compromise the defenses of Intel’s Software Guard eXtensions (SGX) on contemporary server CPUs and pilfer confidential data.
A research document published in October 2025 elaborates on how this technique can retrieve cryptographic keys from allegedly secure SGX enclaves utilizing an affordable configuration, questioning the fundamental trust established in these hardware-centric security frameworks.
This breach jeopardizes the confidentiality and integrity assurances of SGX, a technology commonly employed to safeguard sensitive information and computations, even against privileged software.
The researchers showcased that physical attacks, once thought to necessitate costly and specific apparatus, can now be conducted by enthusiasts with a budget under $1,000.
WireTap Attack
The essence of the WireTap attack involves a specially designed memory interposition probe that directly connects to the DRAM bus, enabling the assailant to monitor the data transmitted between the CPU and the system memory.
The researchers assembled this apparatus with readily accessible components sourced from used electronic marketplaces, featuring a simple DIMM riser board, tweezers, and a soldering device.
An important innovation involved decelerating the system’s high-speed DDR4 memory bus. By altering the DIMM’s metadata, the researchers compelled the system to function at a significantly reduced frequency.
This pivotal measure enabled the capture of data traffic using older and affordable logic analyzers not initially intended for contemporary hardware.
This strategy dismantles the long-standing belief that physical memory attacks on server-level systems were unattainable for anyone but the most financially endowed adversaries.
The assault specifically targets Scalable SGX, the variant utilized in Intel’s Xeon server processors, which depends on a deterministic memory encryption method known as AES-XTS.
In contrast to earlier SGX versions, this mechanism generates the same ciphertext whenever identical data is written to the same physical memory location.
The WireTap configuration permits assailants to monitor these encrypted memory exchanges in real time. By attentively managing an SGX enclave and compelling it to conduct cryptographic tasks, the researchers successfully executed a ciphertext side-channel breach.
They tracked the encrypted memory interactions during the creation of an ECDSA signature, a method utilized for SGX attestation. This enabled them to compile a dictionary of ciphertexts and retrieve the secret nonce employed in the signing process.
With both the nonce and the public signature, they effectively extracted the device’s private DCAP attestation key from a completely trusted server in less than 45 minutes.
The repercussions of obtaining an SGX attestation key are grave, especially for the blockchain and Web3 realms that depend on SGX for security.
Numerous decentralized networks, valued at hundreds of millions of dollars, leverage SGX to ensure private transactions and maintain computation integrity.
The researchers illustrated end-to-end attacks on various real-world SGX implementations. For privacy-first smart contract networks like Phala and Secret, a compromised key would empower an attacker to fabricate quotes, execute harmful enclaves, and extract master keys, thereby facilitating network-wide decryption of private transactions.
In decentralized storage networks like Crust, an attacker might counterfeit proof of storage, allowing them to claim financial incentives without genuinely storing any data, thus undermining the system’s integrity assurances. The researchers have shared their results with Intel and the impacted blockchain projects.
“`