Guest_Jim_* Posted November 2, 2018 Posted November 2, 2018 The year is almost over, but we are not done yet with new vulnerabilities being discovered that exploit some design feature of CPUs. Today PortSmash has been revealed and this side-channel attack works by exploiting simultaneous multithreading (SMT) to leak information that could then be used to reconstruct encrypted data. While this was tested only with Intel CPUs (Skylake and Kaby Lake specifically), the researchers state all CPUs using a form of SMT may be vulnerable, which would many more Intel CPUs (Hyperthreading is Intel's name for its SMT solution) and many AMD Ryzen CPUs as the Zen architecture supports SMT. More specifically, PortSmash works by using port contention to learn some characteristics of information being run on the same physical core, but different logical core. Processors with SMT support are able to execute more than one instruction at the same time thanks to the many functions the execution engine within a physical core is capable of. This allows the scheduling portion of the processor to send two different set of instructions to the same execution engine, having both run in parallel. Port contention is when those two instructions would actually require the same work be done, so one has to wait for the other to complete (or at least get partway down the pipeline). This delay caused by the contention is measured by PortSmash, making it a timing side-channel attack and the researchers were able to use it to extract an OpenSSL ( A fix for this vulnerability is to disable the SMT implementation in a system's BIOS, and apparently at least one of the researchers hopes this discovery will lead to the eventual end of SMT in processors. Another fix, at least for protecting OpenSSL is to update it to version 1.1.1 or 1.1.0i. Source: ZDNet and GitHub Back to original news post Share this post Link to post Share on other sites More sharing options...
Guest_Jim_* Posted November 4, 2018 Posted November 4, 2018 I really need to check all of my email folders more often. Was sent the Intel statement on this a couple days ago and was asked to share: Intel received notice of the research. This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers Share this post Link to post Share on other sites More sharing options...
Braegnok Posted November 4, 2018 Posted November 4, 2018 (edited) Side channel attacks have been used for years, https://www.rambus.com/blogs/an-introduction-to-side-channel-attacks/ Edited November 4, 2018 by Braegnok Share this post Link to post Share on other sites More sharing options...
Recommended Posts