SPYING ON YOUR NEIGHBOR: CPU CACHE ATTACKS AND BEYOND

  • date post

    23-Jul-2020
  • SPYING ON YOUR NEIGHBOR: CPU CACHE ATTACKS AND BEYOND

    BEN GRAS / @BJG, KAVEH RAZAVI, CRISTIANO GIUFFRIDA, HERBERT BOS
    VRIJE UNIVERSITEIT AMSTERDAM
    BLACK HAT USA 2018

  • ABOUT ME

    • PhD student in VUsec VU University Research group

    • Academic group researching systems software security

    • We do software hardening, exploitation

    • Hardware attacks, side channels

    • Academic recognition but also hacker scene (Pwnies!)

  • OVERVIEW

    • Side channels

    • Cache attacks

    • Cache defences

    • Hyperthreading

    • TLBleed

    • Evaluation

  • SIDE CHANNELS

    • Leak secrets outside the regular interface

  • RICH HISTORY - SMARTCARDS

    • Power Consumption (FPGA Security by Shemal Shroff et al.)

    • EM radiation: leak ECC bits (FPGA Security by Shemal Shroff et al.)

    • Execution time: leak ECC, RSA bits (Timing Attacks on ECC by Shemal Shroff et al.)

    • Acoustic cryptanalysis (RSA Key Extraction [..] by Adi Shamir et al.)


  • CACHE ATTACKS

  • CACHE: SOFTWARE EQUIVALENT

    • Computing processes ought to be compartmented

    • Different owners or privilege levels: trust boundaries

  • CACHE: SOFTWARE EQUIVALENT

    • There are shared resources between processes

    • RAM, CPU cache, TLB, computational resources ..

    • Practically always: allows signaling: covert channel

    • Sometimes: allows side channel (spying)

  • CROSS-PROCESS SHARED STATE

    • Shared RAM row (DRAMA paper, by Peter Peßl et al.)

    • Shared cache set (FLUSH+RELOAD by Yuval Yarom et al. shown, many others exist)

    • Cache prefetch (Prefetch Side-Channel Attacks, by Daniel Gruss et al.)

  • CROSS-PROCESS / VM SHARED STATE

    • This is only possible because of shared resources

  • EXAMPLE: FLUSH+RELOAD

    • One of several cache attacks

    • Relies on shared memory

    • Can be shared object (mmap()ed shared libraries)

    • Or shared pages after deduplication (KSM in Linux)

  • EXAMPLE: FLUSH+RELOAD

    • Work by Yuval Yarom, Katrina Falkner

    • Memory access patterns can betray secrets

    • Because access patterns frequently depend on secrets

    • Example: RSA keys. (n,e,d) Private: d. n=pq and d are 1024 bits or more

  • EXAMPLE: FLUSH+RELOAD

    • Signing is: computing $m^d \pmod{n}$

    • Often square-and-multiply depending on bits in d

    • Shared cache activity betrays memory access patterns

    • Quickly probing the cache can betray the bits in d
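
The secret-dependent pattern described in the FLUSH+RELOAD slides above, as an added example that is not part of the original slides: a toy model in which an operation trace stands in for what a cache observer can tell, with naive square-and-multiply beside a Montgomery ladder whose trace does not depend on d. The function names, the trace model and the toy key (n = 3233, e = 17, d = 2753) are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: the trace stands in for what a cache observer can tell,
   i.e. whether the square ('S') or the multiply ('M') routine ran. */
typedef struct { char ops[128]; int n; } trace_t;
static void note(trace_t *t, char op) {
    if (t->n < 127) { t->ops[t->n++] = op; t->ops[t->n] = '\0'; }
}
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t n) { return a * b % n; } /* toy: n < 2^32 */

/* Square-and-multiply: the multiply runs only for the 1 bits of d. */
uint64_t modexp_leaky(uint64_t m, uint64_t d, uint64_t n, int bits, trace_t *t) {
    uint64_t r = 1;
    for (int i = bits - 1; i >= 0; i--) {
        r = mulmod(r, r, n); note(t, 'S');
        if ((d >> i) & 1) { r = mulmod(r, m, n); note(t, 'M'); }
    }
    return r;
}

/* Montgomery ladder: one multiply and one square per bit, masked swap, no branch on d. */
uint64_t modexp_ladder(uint64_t m, uint64_t d, uint64_t n, int bits, trace_t *t) {
    uint64_t r0 = 1, r1 = m % n;
    for (int i = bits - 1; i >= 0; i--) {
        uint64_t mask = -((d >> i) & 1), x = (r0 ^ r1) & mask;
        r0 ^= x; r1 ^= x;                        /* swap if the bit is 1 */
        r1 = mulmod(r0, r1, n); note(t, 'M');
        r0 = mulmod(r0, r0, n); note(t, 'S');
        x = (r0 ^ r1) & mask; r0 ^= x; r1 ^= x;  /* swap back */
    }
    return r0;
}

/* What the operation sequence alone gives away: S starts a bit, M marks it as 1. */
uint64_t bits_from_trace(const char *ops) {
    uint64_t d = 0;
    for (; *ops; ops++) { if (*ops == 'S') d <<= 1; else d |= 1; }
    return d;
}

int main(void) {
    trace_t a = {{0}, 0}, b = {{0}, 0};  /* toy key: n = 61*53, e = 17, d = 2753 */
    uint64_t s1 = modexp_leaky(65, 2753, 3233, 12, &a);
    uint64_t s2 = modexp_ladder(65, 2753, 3233, 12, &b);
    printf("sig %llu / %llu\nleaky  %s -> d = %llu\nladder %s\n", (unsigned long long)s1,
           (unsigned long long)s2, a.ops, (unsigned long long)bits_from_trace(a.ops), b.ops);
    return 0;
}
```

The leaky trace decodes straight back to d, while the ladder trace is the same for every 12-bit exponent.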


  • E X