A group of University of Illinois researchers released recently they have developed a new side channel attack technique that allows to manipulate the information leakage through the ring interconnection of Intel processors.
About this new type of attack three exploits have been proposed that allow you to do the following:
- Retrieve individual bits encryption keys when using RSA and EdDSA implementations that are vulnerable to side channel attacks (if the computational delays depend on the data being processed). For example, individual bit leaks with information about the EdDSA nonce vector are sufficient to use attacks to sequentially retrieve the entire private key. The attack is difficult to implement in practice and can be carried out with a large number of reserves. For example, successful operation is shown by disabling SMT (HyperThreading) and segmenting the LLC cache between CPU cores.
- Define parameters on the delays between keystrokes. The delays depend on the position of the keys and allow, through statistical analysis, to recreate the data entered from the keyboard with some probability (for example, most people tend to type "s" after "a" a lot faster than "g" then "s").
- Organize a covert communication channel to transfer data between processes at a speed of approximately 4 megabits per second, which does not use shared memory, processor cache, or specific processor structures and CPU resources. It is observed that the proposed method of creating a covert channel is very difficult to block by the existing methods of protection against attacks through side channels.
Los investigadores they also report that the exploits do not require elevated privileges and can be used by regular users without privileges, they also mention that the attack can potentially be tailored to organize data leakage between virtual machines, but this problem was beyond the scope of the investigation and the virtualization systems were not tested.
The proposed code has been tested on an Intel i7-9700 CPU in an Ubuntu 16.04 environment. In general, the attack method has been tested on Intel Coffee Lake and Skylake desktop processors, and is potentially applicable to Broadwell Xeon server processors.
Ring Interconnect technology appeared in processors based on the Sandy Bridge microarchitecture and consists of several loopback buses that are used to connect computational and graphics cores, northbridge and cache. The essence of the attack method is that due to the limited bandwidth of the ring bus, memory operations in one process delay access to the memory of another process. Once the implementation details are reverse engineered, an attacker can generate a payload that leads to memory access delays in another process and use the delay data as a side channel to obtain information.
Attacks on internal CPU buses are hampered by a lack of information about the architecture and operating methods of the bus, as well as a high level of noise that makes it difficult to extract useful data. It was possible to understand the principles of the bus through reverse engineering of the protocols used when transferring data over the bus. To separate useful information from noise, a data classification model based on machine learning methods was applied.
The proposed model made it possible to organize the monitoring of computational delays in a specific process, under conditions in which several processes simultaneously access memory and a part of the data is returned from the processor caches.
Finally, if you want to know more about it, you can consult the next document.