Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

Google Cloud and Intel released results today from a nine-month audit of Intel’s new hardware security product: Trust Domain Extensions (TDX). The analysis revealed 10 confirmed vulnerabilities, including two that researchers at both companies flagged as significant, as well as five findings that led to proactive changes to further harden TDX’s defenses. The review and fixes were all completed before the production of Intel’s fourth-generation Intel Xeon processors, known as “Sapphire Rapids,” which incorporate TDX. 

Security researchers from Google Cloud Security and Google’s Project Zero bug-hunting team collaborated with Intel engineers on the assessment, which initially turned up 81 potential security issues that the group investigated more deeply. The project is part of Google Cloud’s Confidential Computing initiative, a set of technical capabilities to keep customers’ data encrypted at all times and ensure that they have full access controls.

The security stakes are incredibly high for massive cloud providers that run much of the world’s digital infrastructure. And while they can refine the systems they build, cloud companies still rely on proprietary hardware from chip manufacturers for their underlying computing power. To get deeper insight into the processors they’re depending on, Google Cloud worked with AMD on a similar audit last year and leaned on the longtime trusted relationship between Intel and Google to launch the initiative for TDX. The goal is to help chipmakers find and fix vulnerabilities before they create potential exposure for Google Cloud customers or anyone else.

“It’s not trivial because companies, we all have our own intellectual property. And in particular, Intel had a lot of IP in the technologies that they were bringing to this,” says Nelly Porter, group product manager of Google Cloud. “For us to be able to be incredibly open and trusting each other is valuable. The research that we’re doing will help everybody because Intel Trusted Domain Extension technology is going to be used not only in Google, but everywhere else as well.”

Researchers and hackers can always work on attacking hardware and online systems from the outside—and these exercises are valuable because they simulate the conditions under which attackers would typically be looking for weaknesses to exploit. But collaborations like the one between Google Cloud and Intel have the advantage of allowing outside researchers to conduct black box testing and then collaborate with engineers who have deep knowledge about how a product is designed to potentially uncover even more about how a product could be better secured.

After years of scrambling to remediate the security fallout from design flaws in the processor feature known as “speculative execution,” chipmakers have invested more in advanced security testing. For TDX, Intel’s in-house hackers conducted their own audits, and the company also put TDX through its security paces by inviting researchers to vet the hardware as part of Intel’s bug bounty program.

Anil Rao, Intel’s vice president and general manager of systems architecture and engineering, says the opportunity for Intel and Google engineers to work as a team was particularly fruitful. The group had regular meetings, collaborated to track findings jointly, and developed a camaraderie that motivated them to bore even deeper into TDX.