|
Message-ID: <377cba1a-3a0a-214d-7dcc-3c7058ff9fbb@nebelwelt.net>
Date: Wed, 6 Mar 2019 21:35:17 +0100
From: Mathias Payer <mathias.payer@...elwelt.net>
To: oss-security@...ts.openwall.com
Subject: Transient execution attacks leveraging port contention
Hi there,
# Intro
We (a team of researchers from EPFL and IBM Research) are releasing details
about a new transient execution attack that leaks secrets from an uncooperating
process through a combination of speculative execution (we use branch target
injection) and port contention (for SMT threads).
# SMoTherSpecre
We introduce SMoTher, a port-based side channel that leaks information on what
instruction sequences were executed by the victim due to port contention. We
precisely characterize and measure this side channel.
Second, we combine SMoTher with a speculative execution attack to leak register
values or memory values (that are likely in caches). We call the combined side
channel SMoTherSpectre.
Our attack requires two gadgets: a BTI gadget that speculatively redirects
execution to a SMoTher gadgets that, through port contention, leaks which branch
was taken. By competing for execution ports, the attacker measures if the JCC in
the SMoTher gadget was either taken or not taken (based on the execution
profiles of either branch).
We first analyze the capabilities of this transient execution attack and find
that we can guess one bit with 60% probability (on one try) and 98% probability
(on 9 tries). Second, we target OpenSSL where we leverage an indirect call that
selects the cipher to encrypt/decrypt as BTI target to compare individual bytes
of the plaintext to zero (through a SMoTher gadget).
See the blog post for more details:
http://nebelwelt.net/blog/20190306-SMoTherSpectre.html
The paper draft is at: https://arxiv.org/abs/1903.01843
The PoC is at: https://github.com/HexHive/SMoTherSpectre
In our PoC we target Intel Skylake 6700 CPUs.
# Disclosure
We discovered SMoTher in June 2018 and SMoTherSpectre in November 2018. We
disclosed the details and PoC to Intel early December 2018. Our IBM research
collaborators finished the internal disclosure process on February 28.
# Credit
Atri Bhattacharyya, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro
Sorniotti, Babak Falsafi, Mathias Payer, and Anil Kurmus
As always, feedback, comments, and discussions are welcome.
Best,
Mathias (and all collaborators)
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.