Security News > 2021 > March > Intel CPU interconnects can be exploited by malware to leak encryption keys and other info, academic study finds
Doctoral student Riccardo Paccagnella, master's student Licheng Luo, and assistant professor Christopher Fletcher, all from the University of Illinois at Urbana-Champaign, delved into the way CPU ring interconnects work, and found they can be abused for side-channel attacks.
"It is the first attack to exploit contention on the cross-core interconnect of Intel CPUs," Paccagnella told The Register.
In a paper [PDF] to be presented at USENIX Security 2021 in August - "Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical" - Paccagnella, Luo, and Fletcher recount how they managed to figure out the workings of Intel's ring interconnect, or bus, that passes information between CPU cores.
Paccagnella said the two attacks demonstrated involve a local attacker running unprivileged code on the victim's machine - such as malware hidden in a software library or application that snoops on other programs or users.
The cryptographic attack assumes that simultaneous multithreading has been disabled, that the last level cache has been partitioned to defend against multicore cache-based attacks, and memory sharing across security domains has been disabled.
The attacks were tested on Intel Coffee Lake and Skylake CPUs, client-class CPUs, and should work on server CPUs like Xeon Broadwell.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/03/08/intel_ring_flaw/
Related news
- New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data (source)
- Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs (source)
- Latest Intel CPUs impacted by new Indirector side-channel attack (source)
- New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data (source)