Announcement

Collapse
No announcement yet.

Researchers Discover Intel CPU Ring Interconnects Vulnerable To Side Channel Attack

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • ms178
    replied
    Originally posted by milkylainen View Post
    Hardware has passed without much security scrutiny at all.
    Nobody has questioned design beside the blatantly obvious ones.

    Now as researchers turn their watchful eyes towards processors and hardware... yeah.
    Everything will start to look like the Swiss cheese it actually is...
    As security matters for some customers, it makes me wonder why secure hardware design hasn't been a priority for companies and researchers alike up until Spectre/Meltdown hit the surface. Maybe it was simply thought as beeing too hard to exploit?
    Last edited by ms178; 08 March 2021, 01:34 PM.

    Leave a comment:


  • milkylainen
    replied
    Hardware has passed without much security scrutiny at all.
    Nobody has questioned design beside the blatantly obvious ones.

    Now as researchers turn their watchful eyes towards processors and hardware... yeah.
    Everything will start to look like the Swiss cheese it actually is...

    Leave a comment:


  • AndyChow
    replied
    "encryption keys being leaked" That doesn't sound good. Not one bit.

    The paper is really good. Nice to see it's not being some paywall. From the paper "Our POC considers the worst-case scenario described above and leaks one key bit per run of the victim. To simplify the process of inferring a key bit from each resulting trace, our POC uses a Support Vector Machine classifier (SVC). Note that while the RSA and EdDSA implementations we consider are already known to be vulnerable to side channels, we are the first to show that they leak over the ring interconnect channel specifically".

    Leave a comment:


  • Sonadow
    replied
    Not that I care.

    Do Intel hardware enjoy greater availability than AMD hardware right now? Yes? Decision made.

    All these 'vulnerabilities' are nothing more than academic hot air. Spectre and Meltdown caused a big hooha, and yet even today there are boatloads of people and organizations disabling Spectre and Meltdown mitigations and hardly being worse off in any way.
    Last edited by Sonadow; 08 March 2021, 10:32 AM.

    Leave a comment:


  • numacross
    replied
    As far as I know Intel Xeons can be sorted into 2 groups:
    1. real Xeons
    2. "Xeons"
    1) Up until Broadwell they have been using a ring bus architecture (higher core parts use two buses). From Skylake-SP they are using an on-chip mesh network. So up until Xeon E3/E5/E7 v4 it's all ring bus. Xeon Bronze/Silver/Gold/Platinum is mesh. Some Xeons D also use ring, and some are Skylake-SP+ based.
    2) Those are just re-branded desktop parts that utilize the ring bus in even the latest models.

    It'll be interesting to see how Intel handles this.

    Leave a comment:


  • pipe13
    replied
    Originally posted by TemplarGR View Post
    At this point, buying Intel is a big no-no.
    Side-channel attack? Heck, even an Abacus is vulnerable

    Leave a comment:


  • ThoreauHD
    replied
    Looks like their high end coffee lake was tested. From the code, with key intercepts, this would probably need to be rolled into a rootkit for it to do any damage.

    I do find it strange that their research did not explore more than one coffee lake cpu. The computer lab guy at Uni is gonna have shelves full of crap in his storage closet. Not an intel fan, but this study seems a little hit and run. Guy dumps the code 12 hours ago, and has already scheduled a Usenix conference. This needs more eyeballs first.

    Leave a comment:


  • TemplarGR
    replied
    At this point, buying Intel is a big no-no.

    Leave a comment:


  • Researchers Discover Intel CPU Ring Interconnects Vulnerable To Side Channel Attack

    Phoronix: Researchers Discover Intel CPU Ring Interconnects Vulnerable To Side Channel Attack

    University of Illinois researchers have discovered that Intel's CPU ring interconnects are vulnerable to exploit by side-channel attacks. This opens a whole new can of worms with the cross-core interconnect now being vulnerable to exploit but so far Intel doesn't appear to be overly concerned and there are some open questions on whether this interconnect exploit would still work with the latest Intel Xeon processors...

    https://www.phoronix.com/scan.php?pa...ects-Side-Chan
Working...
X