Shadows in Cipher Spaces: Exploiting Tweak Repetition in Hardware Memory Encryption

Wei Peng, Yinshuai Li, and Yinqian Zhang, Southern University of Science and Technology

Hardware memory encryption serves as the foundation for TEE security, where processors transparently encrypt data bound for DRAM while maintaining plaintext within CPU boundaries—a critical defense against physical attacks like memory bus snooping and cold-boot attacks. Although ubiquitous in major TEE implementations (Intel SGX/TDX, AMD SEV), design flaws have introduced severe vulnerabilities including ciphertext replacement attacks, ciphertext replay attacks, and ciphertext side-channel attacks.

Our work makes three key contributions: First, we present the first comprehensive analysis of Hygon CSV's memory encryption engine, a prominent TEE in China's confidential computing market. Second, we identify a novel vulnerability class stemming from tweak value repetition within 64-byte blocks, causing identical 16-byte plaintexts to generate identical ciphertexts. Third, we demonstrate how this enables CipherShadow Attacks through: (1) an automated binary scanner detecting vulnerable code patterns, and (2) end-to-end attacks demonstrating both OpenSSH authentication bypass and machine learning training data reconstruction.
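
The effect named in the second contribution, as an added example that is not from the paper or from Hygon: a constructed model comparing a tweak derived once per 64-byte line with a tweak derived per 16-byte block. The XEX-style construction, the toy Feistel cipher, the tweak derivation, the key, the base address and the sample buffer are all assumptions made for illustration.

```python
import hashlib

BLOCK, LINE = 16, 64  # cipher block and cache-line sizes in bytes
KEY = bytes(range(16))  # constructed key
# Constructed plaintext: line 0 holds blocks A,B,A,C; line 1 holds A,D,E,F.
A, B, C, D, E, F = (bytes([c]) * BLOCK for c in b"ABCDEF")
SAMPLE = A + B + A + C + A + D + E + F

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    """4-round Feistel permutation on 16 bytes (toy stand-in for the real cipher)."""
    left, right = block[:8], block[8:]
    for i in range(4):
        f = hashlib.sha256(key + bytes([i]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def tweak(key, addr, granularity):
    """Assumed tweak: a hash of the address rounded down to `granularity`."""
    unit = addr - addr % granularity
    return hashlib.sha256(b"tweak" + key + unit.to_bytes(8, "little")).digest()[:BLOCK]

def encrypt_memory(key, data, base, granularity):
    """Assumed XEX-style mode: C = E(P xor T) xor T for each 16-byte block."""
    out = bytearray()
    for off in range(0, len(data), BLOCK):
        t = tweak(key, base + off, granularity)
        out += xor(toy_encrypt_block(key, xor(data[off:off + BLOCK], t)), t)
    return bytes(out)

def equal_block_pairs(ct):
    """List (line, i, j) where blocks i and j of one 64-byte line have equal ciphertext."""
    hits = []
    for start in range(0, len(ct), LINE):
        blocks = [ct[start + k:start + k + BLOCK] for k in range(0, LINE, BLOCK)]
        hits += [(start // LINE, i, j) for i in range(4) for j in range(i + 1, 4)
                 if blocks[i] == blocks[j]]
    return hits

if __name__ == "__main__":
    for g in (LINE, BLOCK):
        ct = encrypt_memory(KEY, SAMPLE, 0x1000, g)
        print(f"tweak per {g} bytes -> equal pairs within a line: {equal_block_pairs(ct)}")
```

In this model the repeated plaintext block is visible as a ciphertext match only when the tweak is shared across the line; the same plaintext in a different line still encrypts differently.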

Category: Short Presentation


BibTeX
@inproceedings {309804,
author = {Wei Peng and Yinshuai Li and Yinqian Zhang},
title = {Shadows in Cipher Spaces: Exploiting Tweak Repetition in Hardware Memory Encryption},
booktitle = {34th USENIX Security Symposium (USENIX Security 25)},
year = {2025},
isbn = {978-1-939133-52-6},
address = {Seattle, WA},
pages = {5759--5776},
url = {https://www.usenix.org/conference/usenixsecurity25/presentation/peng-wei},
publisher = {USENIX Association},
month = aug
}