Announcement

Collapse
No announcement yet.

Researchers Discover Intel CPU Ring Interconnects Vulnerable To Side Channel Attack

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #1

    Researchers Discover Intel CPU Ring Interconnects Vulnerable To Side Channel Attack

    Phoronix: Researchers Discover Intel CPU Ring Interconnects Vulnerable To Side Channel Attack

    University of Illinois researchers have discovered that Intel's CPU ring interconnects are vulnerable to exploit by side-channel attacks. This opens a whole new can of worms with the cross-core interconnect now being vulnerable to exploit but so far Intel doesn't appear to be overly concerned and there are some open questions on whether this interconnect exploit would still work with the latest Intel Xeon processors...

    Researchers Discover Intel CPU Ring Interconnects Vulnerable To Side Channel Attack - Phoronix
    https://www.phoronix.com/scan.php?page=news_item&px=Intel-Interconnects-Side-Chan
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    At this point, buying Intel is a big no-no.
    • Likes 13

    Comment

    • #3
      Looks like their high end coffee lake was tested. From the code, with key intercepts, this would probably need to be rolled into a rootkit for it to do any damage.

      I do find it strange that their research did not explore more than one coffee lake cpu. The computer lab guy at Uni is gonna have shelves full of crap in his storage closet. Not an intel fan, but this study seems a little hit and run. Guy dumps the code 12 hours ago, and has already scheduled a Usenix conference. This needs more eyeballs first.
      • Likes 4

      Comment

      • #4
        Originally posted by TemplarGR View Post
        At this point, buying Intel is a big no-no.
        Side-channel attack? Heck, even an Abacus is vulnerable
        • Likes 2

        Comment

        • #5
          As far as I know Intel Xeons can be sorted into 2 groups:
          1. real Xeons
          2. "Xeons"
          1) Up until Broadwell they have been using a ring bus architecture (higher core parts use two buses). From Skylake-SP they are using an on-chip mesh network. So up until Xeon E3/E5/E7 v4 it's all ring bus. Xeon Bronze/Silver/Gold/Platinum is mesh. Some Xeons D also use ring, and some are Skylake-SP+ based.
          2) Those are just re-branded desktop parts that utilize the ring bus in even the latest models.

          It'll be interesting to see how Intel handles this.
          • Likes 2

          Comment

          • #6
            Not that I care.

            Do Intel hardware enjoy greater availability than AMD hardware right now? Yes? Decision made.

            All these 'vulnerabilities' are nothing more than academic hot air. Spectre and Meltdown caused a big hooha, and yet even today there are boatloads of people and organizations disabling Spectre and Meltdown mitigations and hardly being worse off in any way.
            Last edited by Sonadow; 08 March 2021, 10:32 AM.
            • Likes 2

            Comment

            • #7
              "encryption keys being leaked" That doesn't sound good. Not one bit.

              The paper is really good. Nice to see it's not being some paywall. From the paper "Our POC considers the worst-case scenario described above and leaks one key bit per run of the victim. To simplify the process of inferring a key bit from each resulting trace, our POC uses a Support Vector Machine classifier (SVC). Note that while the RSA and EdDSA implementations we consider are already known to be vulnerable to side channels, we are the first to show that they leak over the ring interconnect channel specifically".
              • Likes 3

              Comment

              • #8
                Hardware has passed without much security scrutiny at all.
                Nobody has questioned design beside the blatantly obvious ones.

                Now as researchers turn their watchful eyes towards processors and hardware... yeah.
                Everything will start to look like the Swiss cheese it actually is...
                • Likes 3

                Comment

                • #9
                  Originally posted by milkylainen View Post
                  Hardware has passed without much security scrutiny at all.
                  Nobody has questioned design beside the blatantly obvious ones.

                  Now as researchers turn their watchful eyes towards processors and hardware... yeah.
                  Everything will start to look like the Swiss cheese it actually is...
                  As security matters for some customers, it makes me wonder why secure hardware design hasn't been a priority for companies and researchers alike up until Spectre/Meltdown hit the surface. Maybe it was simply thought as beeing too hard to exploit?
                  Last edited by ms178; 08 March 2021, 01:34 PM.
                  • Likes 2

                  Comment

                  • #10
                    Originally posted by ms178 View Post

                    As security matters for some customers, it makes me wonder why hardware design hasn't been a priority for companies and researches alike up until Spectre/Meltdown hit the surface. Maybe it was simply thought as beeing too hard to exploit?
                    x86 is a joke ISA that Intel tricked IBM into buying. "Security" was hardly ever a concern until shit started hitting the fan, and even then it's security theater like Secure Boot.
                    • Likes 2

                    Comment

                    Previous 1 2 template Next
                    Working...
                    X