The PortSmash attack hits Intel Hyper-Threading CPUs and leaves with encryption keys • The Register




Brainiacs in Cuba and Finland have discovered a new side-channel vulnerability in Intel x64 processors that could allow an attacker to sniff out cryptographic keys and other privileged information.

After notifying Intel at the beginning of October, researchers from the Tampere University of Technology in Finland and the Technical University of Havana, Cuba, have now released proof-of-concept code for the attack, which they call PortSmash.

The team used the PoC to steal a P-384 private key from an OpenSSL (version 1.1.0h or earlier) TLS server. Later versions of OpenSSL are not vulnerable.

To carry out this snooping, the exploit code must run on the attacked system, and specifically on the same processor core as the process whose secrets you want to extract. That means it cannot be used to spy on software remotely, nor easily across hosts, but it could be useful to determined miscreants who have already managed to get a foothold on someone's machine, or similar. Basically, you must already be able to run your own malicious code on the box in order to exploit it.

In a post to a security mailing list, Billy Brumley, an assistant professor in the Department of Pervasive Computing at the Tampere University of Technology, said the information leak was made possible by Intel's implementation of simultaneous multithreading (SMT), known as Hyper-Threading.

SMT works by allowing, broadly speaking, two separate running programs to share the same processor core at the same time: two threads from two independent processes can be executed side by side on a single core. If you have four cores and two of these hardware SMT threads per core, application software sees eight logical cores per processor, which means a larger number of tasks can be executed per second. SMT therefore generally improves throughput, although for some kinds of workload it can actually reduce performance.

The downside is that it is possible for code in one hardware thread to look over the shoulder of code in the other hardware thread on the same core and work out what its sibling is doing. It can do this by studying cache access patterns, or by timing how long operations take to complete. This is why developers of cryptographic software are encouraged to build in defenses against such eavesdropping.

"We detect port contention to construct a timing side channel to extract information from processes running in parallel on the same physical core," Brumley said.


Thus, the attack works by running the PortSmash process alongside a chosen victim process on the same processor core, each process using one of the core's two hardware threads. The two threads compete for the core's execution ports: when the victim issues instructions that need a particular port, the spy's own instructions on that port are delayed, and that delay is what it measures. The PortSmash code then uses these timing discrepancies to monitor the operations performed by the other process and gradually discern its protected data.

This means that if the victim process performs some kind of cryptography, the PortSmash process sharing the same core can extract secret information, such as a decryption key, from it.
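To make the mechanism concrete, here is an added example in C, written for this article and not code from the PortSmash researchers or from OpenSSL. It models the class of leak the attack exploits: a scalar multiplication whose sequence of point doublings and additions depends on the secret scalar, next to a Montgomery ladder that issues the same operations for every bit. The toy curve over F_97 with base point (3,6), the 64-bit scalars, and the trace recorder standing in for the port-contention measurement are all assumptions of the example; a real spy sees the D/A pattern as a timing signal on a contended port, not as a string.

```c
/* Toy model of the leak behind PortSmash (added example, not the paper's or
 * OpenSSL's code): a double-and-add scalar multiplication whose instruction
 * stream depends on the secret scalar, beside a Montgomery ladder that does
 * not. Assumed curve: y^2 = x^3 + 2x + 3 over F_97, base point G = (3,6). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define P_MOD 97u
#define CURVE_A 2u

typedef struct { uint32_t x, y, inf; } pt;      /* inf=1 marks the point at infinity */

static uint32_t fadd(uint32_t a, uint32_t b) { return (a + b) % P_MOD; }
static uint32_t fsub(uint32_t a, uint32_t b) { return (a + P_MOD - b) % P_MOD; }
static uint32_t fmul(uint32_t a, uint32_t b) { return (a * b) % P_MOD; }
static uint32_t finv(uint32_t a) {              /* a^(p-2) mod p (Fermat) */
    uint32_t r = 1, e = P_MOD - 2;
    for (; e; e >>= 1, a = fmul(a, a)) if (e & 1) r = fmul(r, a);
    return r;
}

/* Every high-level point operation is logged as 'D' (double) or 'A' (add).
 * This sequence stands in for what a co-resident spy recovers from port
 * contention timing: which operations ran, never their operands. */
#define TRACE_MAX 512
typedef struct { char ops[TRACE_MAX]; size_t n; } trace;
static void trace_init(trace *t) { t->n = 0; t->ops[0] = 0; }
static void trace_push(trace *t, char op) {
    if (t && t->n + 1 < TRACE_MAX) { t->ops[t->n++] = op; t->ops[t->n] = 0; }
}

static pt add_raw(pt p, pt q) {                 /* affine group law, all cases */
    if (p.inf) return q;
    if (q.inf) return p;
    uint32_t lam;
    if (p.x == q.x) {
        if (fadd(p.y, q.y) == 0) { pt o = {0, 0, 1}; return o; }   /* q == -p */
        lam = fmul(fadd(fmul(3, fmul(p.x, p.x)), CURVE_A), finv(fmul(2, p.y)));
    } else {
        lam = fmul(fsub(q.y, p.y), finv(fsub(q.x, p.x)));
    }
    pt r = {0, 0, 0};
    r.x = fsub(fsub(fmul(lam, lam), p.x), q.x);
    r.y = fsub(fmul(lam, fsub(p.x, r.x)), p.y);
    return r;
}
static pt pt_add(pt p, pt q, trace *t) { trace_push(t, 'A'); return add_raw(p, q); }
static pt pt_dbl(pt p, trace *t)       { trace_push(t, 'D'); return add_raw(p, p); }
static int pt_eq(pt p, pt q) { return p.inf ? q.inf : (!q.inf && p.x == q.x && p.y == q.y); }

/* Leaky: left-to-right double-and-add. The add is only issued for 1 bits,
 * so the D/A pattern seen on the execution ports encodes the scalar. */
static pt scalar_mul_leaky(uint64_t k, pt g, trace *t) {
    pt r = {0, 0, 1};
    for (int i = 63; i >= 0; i--) {
        r = pt_dbl(r, t);
        if ((k >> i) & 1) r = pt_add(r, g, t);     /* secret-dependent branch */
    }
    return r;
}

/* Branch-free conditional swap driven by a mask derived from the bit. */
static void cswap(pt *a, pt *b, uint64_t bit) {
    uint32_t m = 0u - (uint32_t)(bit & 1), d;
    d = m & (a->x ^ b->x);     a->x ^= d;   b->x ^= d;
    d = m & (a->y ^ b->y);     a->y ^= d;   b->y ^= d;
    d = m & (a->inf ^ b->inf); a->inf ^= d; b->inf ^= d;
}
/* Montgomery ladder: exactly one add and one double per bit, whatever the bit. */
static pt scalar_mul_ladder(uint64_t k, pt g, trace *t) {
    pt r0 = {0, 0, 1}, r1 = g;                   /* invariant: r1 == r0 + g */
    for (int i = 63; i >= 0; i--) {
        uint64_t bit = (k >> i) & 1;
        cswap(&r0, &r1, bit);
        r1 = pt_add(r0, r1, t);
        r0 = pt_dbl(r0, t);
        cswap(&r0, &r1, bit);
    }
    return r0;
}

/* The spy's decoding of the leaky pattern: 'D' shifts in a 0, 'A' turns it into a 1. */
static uint64_t key_from_trace(const trace *t) {
    uint64_t k = 0;
    for (size_t i = 0; i < t->n; i++) k = (t->ops[i] == 'D') ? (k << 1) : (k | 1);
    return k;
}

static const pt G = {3, 6, 0};

int leaky_trace_recovers_key(uint64_t k) {       /* 1 if the op trace alone yields k */
    trace t; trace_init(&t);
    scalar_mul_leaky(k, G, &t);
    return key_from_trace(&t) == k;
}
int ladder_traces_identical(uint64_t k1, uint64_t k2) {   /* 1 if traces cannot tell k1 from k2 */
    trace t1, t2; trace_init(&t1); trace_init(&t2);
    scalar_mul_ladder(k1, G, &t1);
    scalar_mul_ladder(k2, G, &t2);
    return strcmp(t1.ops, t2.ops) == 0;
}
int results_agree(uint64_t k) {                  /* both paths compute the same [k]G */
    pt ref = {0, 0, 1};
    for (uint64_t i = 0; i < k && i < 200; i++) ref = add_raw(ref, G);   /* repeated addition, small k */
    pt a = scalar_mul_leaky(k, G, NULL), b = scalar_mul_ladder(k, G, NULL);
    return pt_eq(a, b) && (k >= 200 || pt_eq(a, ref));
}

int main(void) {
    uint64_t k = 0xC3A5ULL;                      /* constructed sample scalar */
    printf("leaky trace recovers key: %d\n", leaky_trace_recovers_key(k));
    printf("ladder traces identical for two keys: %d\n", ladder_traces_identical(k, 0xFFFFULL));
    printf("both paths agree: %d\n", results_agree(k));
    return 0;
}
```

Built with any C99 compiler, the program shows the leaky trace decoding back to the exact scalar, the ladder traces for two different scalars being identical, and both paths computing the same point. The caveat that matters in practice: the field arithmetic here (the modular inversion in particular) is not constant-time either, and on real hardware port contention can expose secret-dependent behaviour anywhere in the instruction stream, so constant-time discipline has to reach down to the lowest level, not just the schedule of point operations.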

The fix, Brumley suggests, is to disable SMT/Hyper-Threading in the BIOS. On Linux the same effect can be had without a firmware change via the nosmt kernel boot parameter or by writing off to /sys/devices/system/cpu/smt/control. OpenBSD already disables Intel's Hyper-Threading for security reasons.

The PoC, Brumley says, works out of the box on Intel's Skylake and Kaby Lake, although it has not been tested on other Intel chips. He suggests it could work on other SMT architectures, such as AMD's Zen processor family, with changes to the code.

A CVE has been assigned: CVE-2018-5407. However, Intel does not seem to think it deserves a fix. For one thing, it has nothing to do with this year's speculative-execution flaws: Spectre, Meltdown, and so on.

In a statement sent to The Register, an Intel spokesperson suggested that any risk can be mitigated by existing software protections, such as writing code that is resistant to SMT side-channel attacks. Chipzilla is, for the most part, echoing a line suggested in the mailing-list discussion of the flaw: that it is not so much a vulnerability as a "fully anticipated" consequence of SMT.

"Intel has been informed of the research results," said the chipmaker's spokesperson. "This issue is not reliant on speculative execution and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Side-channel methods such as this measure the timing of shared hardware resources. Software or software libraries can be protected against such issues by employing side-channel-safe development practices."

The Intel spokesperson reiterated that the company takes the protection of customer data very seriously and considers it a top priority.

An AMD spokesperson told us the company is looking into the issue: "At AMD, security is a top priority and we are working continuously to keep our users safe as new risks arise. We are investigating the report we have just received to understand any potential susceptibility of AMD products." ®
