Newest Intel Side-Channel Attack Sniffs Out Sensitive Data

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
Intel processors are vulnerable to a new side-channel attack, which researchers said can allow attackers to steal sensitive information such as encryption keys or passwords.

Unlike previous side-channel attacks, this attack does not rely on sharing memory, cache sets and other former tactics. Instead it leverages a component called CPU ring interconnect contention. This component facilitates communication across various CPU units – including cores, the last-level cache, system agent, and graphics unit – on modern Intel processors, such as the Skylake and Coffee Lake CPUs.
Riccardo Paccagnella, one of the researchers with the University of Illinois at Urbana-Champaign who discovered the attack, told Threatpost that the side-channel attack could give attackers the means to infer “key bits” from both vulnerable cryptographic implementations and from the precise timing of keystrokes typed by a victim user.

“The attacker needs to be able to already run unprivileged code on the machine under attack,” Paccagnella told Threatpost. “This may be possible by either fooling the user into downloading some code (e.g. a malicious app/malware) and run it, stealing the credentials of an unprivileged user of the same machine (and then, e.g., SSH-ing into it), or exploiting remote code execution vulnerabilities.”

In their research paper [PDF]: “Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical,” researchers said the attack is unique because it works in spite of some previous side-channel defenses.

“In this paper, we present the first on-chip, cross-core side channel attack that works despite [previous] countermeasures,” said the team of University of Illinois at Urbana-Champaign researchers in their paper, which will be presented at USENIX Security 2021.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top