On Fri, 2018-12-07 at 14:57 +0300, Kirill A. Shutemov wrote:
> > What is the threat model anyway for AMD and Intel technologies?
> >
> > For me it looks like that you can read, write and even replay
> > encrypted pages both in SME and TME.
>
> What replay attack are you talking about? MKTME uses AES-XTS with physical
> address tweak. So the data is tied to the place in physical address space and
> replacing one encrypted page with another encrypted page from different
> address will produce garbage on decryption.

Just trying to understand how this works.

So you use physical address like a nonce/version for the page and
thus prevent replay? Was not aware of this.

/Jarkko
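Added example (not part of the original message, and not kernel or MKTME code): a stdlib-only Python sketch of XTS-style encryption with a physical-address tweak, as discussed in the exchange above. A SHA-256 Feistel network stands in for AES, and the keys, addresses and page contents are constructed. It shows ciphertext read back at a different address decrypting to garbage, while, because the tweak is derived from the address alone, an earlier ciphertext written back to the same address still decrypts to the earlier plaintext.

```python
import hashlib

BLOCK = 16  # XTS operates on 128-bit blocks

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Round function of the stand-in cipher (SHA-256 based, NOT AES).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def block_encrypt(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def block_decrypt(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def _mul_alpha(t):
    # Multiply the tweak by alpha in GF(2^128), little-endian as XTS does.
    n = int.from_bytes(t, "little") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(BLOCK, "little")

def xts(k1, k2, phys_addr, data, decrypt=False):
    # The tweak comes from the physical address alone: no counter, no version.
    # len(data) must be a multiple of 16 (no ciphertext stealing here).
    t = block_encrypt(k2, phys_addr.to_bytes(BLOCK, "little"))
    op = block_decrypt if decrypt else block_encrypt
    out = b""
    for i in range(0, len(data), BLOCK):
        out += _xor(op(k1, _xor(data[i:i + BLOCK], t)), t)
        t = _mul_alpha(t)
    return out

def demo():
    k1, k2 = bytes(range(16)), bytes(range(16, 32))  # constructed keys
    addr_a, addr_b = 0x1000, 0x2000                  # constructed addresses
    old = b"page-version-001" * 4                    # constructed page data
    ct_old = xts(k1, k2, addr_a, old)
    moved = xts(k1, k2, addr_b, ct_old, decrypt=True)   # ciphertext from A read at B
    stale = xts(k1, k2, addr_a, ct_old, decrypt=True)   # old ciphertext put back at A
    return moved != old, stale == old
```

`demo()` returns `(True, True)`: the relocated ciphertext does not decrypt to the original page, and the stale ciphertext at its original address does.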