Intel and AMD Trusted Execution Environments Found Vulnerable to Side-Channel Attacks; Researchers Extract Cryptographic Keys From Protected Code
2 days ago / Reading time: under 1 minute
Author: editor (小编)

Two teams of university researchers have published peer-reviewed papers describing new side-channel attacks on Intel and AMD Trusted Execution Environment (TEE) technologies. Rather than breaking the memory encryption between the processor and main memory, the attacks recover secrets from how the processor executes protected code, circumventing the isolation guarantees the manufacturers advertise.

A research group including Graz University of Technology in Austria presented an attack named CounterSEVeillance against AMD's Secure Encrypted Virtualization (SEV) technology. Operating from the hypervisor, which SEV is designed to distrust, the attacker single-steps the protected guest and reads performance counters after each step, so that secret-dependent branches inside the guest appear as differences in the counter values. Using this, the researchers extracted a full RSA-4096 private key from an Mbed TLS signing operation within minutes and recovered a six-digit time-based one-time password (TOTP).
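As an added illustration, not code from the CounterSEVeillance paper, the article or Mbed TLS, the Python model below shows the leakage class the attack exploits: a single-stepping hypervisor that reads a performance counter after each step sees a different count whenever the guest takes a secret-dependent branch. The counter, the single-stepping and the per-instruction costs are all simulated (assumptions of this example), and the victim is a textbook square-and-multiply rather than the Mbed TLS code the researchers attacked; the branchless Montgomery ladder beside it shows what a constant-time exponentiation denies such a counter.

```python
# Added example (not from the CounterSEVeillance paper, the article, or AMD):
# a model of the leakage class the attack exploits. The "performance counter"
# and "single-stepping" below are simulated in software; the real attack reads
# hardware counters from a malicious hypervisor while stepping the SEV guest.

from dataclasses import dataclass, field
import random


@dataclass
class StepCounter:
    """Stand-in for a hardware performance counter that a single-stepping
    hypervisor samples after each loop iteration of the victim (simulated)."""
    trace: list = field(default_factory=list)
    pending: int = 0

    def retire(self, n):
        """Victim code 'retires' n instructions (simulated cost)."""
        self.pending += n

    def step(self):
        """Hypervisor samples and resets the counter after one exponent bit."""
        self.trace.append(self.pending)
        self.pending = 0


# --- Victim 1: textbook square-and-multiply with a secret-dependent branch ---
def modexp_leaky(base, exp, mod, ctr):
    result = 1
    for bit in bin(exp)[2:]:          # MSB first; also leaks the bit length
        result = result * result % mod
        ctr.retire(3)                 # square: always executed
        if bit == "1":
            result = result * base % mod
            ctr.retire(3)             # multiply: only when the key bit is 1
        ctr.step()
    return result


# --- Attacker: turn the per-step counter trace back into key bits ---
def recover_exponent(trace, square_cost=3, multiply_cost=3):
    bits = []
    for count in trace:
        if count == square_cost:
            bits.append("0")
        elif count == square_cost + multiply_cost:
            bits.append("1")
        else:
            raise ValueError(f"unexpected count {count}")
    return int("".join(bits), 2)


# --- Victim 2: branchless Montgomery ladder (same instruction stream per bit) ---
def cswap(swap, a, b):
    """Swap a and b iff swap == 1, without a data-dependent branch."""
    mask = -swap                      # 0 -> 0, 1 -> ...1111 (all ones)
    t = (a ^ b) & mask
    return a ^ t, b ^ t


def modexp_ct(base, exp, mod, nbits, ctr):
    r0, r1 = 1, base % mod
    for i in reversed(range(nbits)):  # fixed trip count hides the bit length
        bit = (exp >> i) & 1
        r0, r1 = cswap(bit, r0, r1)
        r1 = r0 * r1 % mod
        r0 = r0 * r0 % mod
        r0, r1 = cswap(bit, r0, r1)
        ctr.retire(8)                 # identical work for either bit value
        ctr.step()
    return r0


def demo(seed=1, nbits=64):
    """Returns (key recovered from the leaky victim?, both victims correct?,
    constant-time trace is flat?)."""
    rng = random.Random(seed)
    mod = 1_000_003                   # small prime, constructed for the demo
    base = 123_457
    exp = rng.getrandbits(nbits) | (1 << (nbits - 1))   # simulated private exponent

    leaky = StepCounter()
    sig_leaky = modexp_leaky(base, exp, mod, leaky)
    recovered = recover_exponent(leaky.trace)

    ct = StepCounter()
    sig_ct = modexp_ct(base, exp, mod, nbits, ct)

    return (recovered == exp,
            sig_leaky == sig_ct == pow(base, exp, mod),
            len(set(ct.trace)) == 1)


if __name__ == "__main__":
    print(demo())
```

Running demo() recovers all 64 simulated key bits from the leaky trace, while the ladder yields a flat trace that carries no information about the exponent or its length. Scaling the modulus and bit count up, one counter reading per stepped bit is what a 4096-bit key extraction amounts to. The ladder only removes the branch; constant-time modular arithmetic underneath it is a separate requirement that Python's big integers do not provide.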

A second study exploited dynamic voltage and frequency scaling (DVFS), the mechanism by which a processor adjusts its clock frequency to its power draw. Because the frequency, and therefore execution time, depends on the data being processed, a power side channel becomes a timing side channel that can be observed remotely, with no physical access. The technique extracted cryptographic keys on Intel Core processors from the 8th through 11th generations and on AMD Ryzen processors (the attack published as Hertzbleed in 2022). Neither attack requires physical access or breaks the memory encryption itself; together they show that the isolation a TEE provides between a protected virtual machine and the operating system or hypervisor beneath it does not extend to microarchitectural side effects. That is a direct concern for cloud service providers whose confidential-computing offerings rest on these guarantees, and attacks of this kind are well within the reach of well-resourced adversaries, including state-backed groups.