Security News > 2021 > March > Newest Intel Side-Channel Attack Sniffs Out Sensitive Data

Newest Intel Side-Channel Attack Sniffs Out Sensitive Data
2021-03-08 21:20

Intel processors are vulnerable to a new side-channel attack, which researchers said can allow attackers to steal sensitive information such as encryption keys or passwords.

In their research paper [PDF]: "Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical," researchers said the attack is unique because it works in spite of some previous side-channel defenses.

"In this paper, we present the first on-chip, cross-core side channel attack that works despite [previous] countermeasures," said the team of University of Illinois at Urbana-Champaign researchers in their paper, which will be presented at USENIX Security 2021.

The second attack targets keystroke timing information, which researchers said can be used to infer data like passwords.

Intel for its part pointed to existing security best practices for mitigating against the side-channel attack: "We appreciate the ongoing work and coordination with the research community," said Intel.

"The main novelty of our attack compared to previous 'traditional side channel' attacks is that our attack does not rely on sharing memory, cache sets, core-private resources or any specific uncore structures," Paccagnella told Threatpost.


News URL

https://threatpost.com/intel-side-channel-attack-data/164582/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Intel 6314 31 755 708 45 1539