
Collide+Power - Leaking Inaccessible Data with Software-based Power Side Channels


dEEpEst


Collide+Power

Leaking Inaccessible Data with Software-based Power Side Channels

Collide+Power is a novel method to exploit the fundamental way we build and share components in CPUs. We do not target specific programs but instead the underlying CPU hardware itself. This advance in software-based power side channels echoes the discovery of Meltdown and Spectre — where similarly, the underlying hardware provided unforeseen attack possibilities, leaking actual data values.

 

The root of the problem is that shared CPU components, like the internal memory system, combine attacker data and data from any other application, resulting in a combined leakage signal in the power consumption. Thus, knowing its own data, the attacker can determine the exact data values used in other applications. We present two attacks belonging to the Collide+Power attack family: The first attack breaks the isolation between CPU hyperthreads, leaking arbitrary data across programs. The second attack breaks the isolation between user programs and the operating system, leaking arbitrary data not just from the operating system but any security domain on the same computer.

 

The Collide+Power technique can enhance any side-channel signal related to power, such as RAPL or frequency throttling. While the leakage rates with current proof-of-concepts are comparably low, future attacks may be faster and indicate the necessity of security patches.
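
Since the post names RAPL as one power signal Collide+Power can build on, a defender can check whether the Linux RAPL energy counters are readable by unprivileged users. The script below is an added example, not part of the original post or the Collide+Power project. It assumes the counters are exposed as `energy_uj` files under the powercap sysfs tree (`/sys/devices/virtual/powercap`); the function names and the `RAPL_ROOT` variable are made up for this illustration.

```shell
#!/bin/sh
# Added example: audit read permissions on RAPL energy counters.
# Assumption: counters appear as files named energy_uj under the powercap
# sysfs tree; RAPL_ROOT and the function names are hypothetical.

DEFAULT_ROOT=/sys/devices/virtual/powercap

# rapl_world_readable ROOT
# Prints every energy_uj file under ROOT whose "other" read bit is set,
# i.e. every counter any local user can sample.
rapl_world_readable() {
    root=${1:-$DEFAULT_ROOT}
    [ -d "$root" ] || return 0
    find "$root" -type f -name energy_uj -perm -004 2>/dev/null | sort
}

# rapl_audit ROOT
# Exit status: 0 = all counters restricted, 1 = at least one counter is
# world-readable, 2 = no counters found (no RAPL interface under ROOT).
rapl_audit() {
    root=${1:-$DEFAULT_ROOT}
    total=$(find "$root" -type f -name energy_uj 2>/dev/null | wc -l)
    total=$((total + 0))   # normalise whitespace from wc
    if [ "$total" -eq 0 ]; then
        echo "no RAPL energy counters found under $root"
        return 2
    fi
    exposed=$(rapl_world_readable "$root")
    if [ -n "$exposed" ]; then
        printf '%s\n' "$exposed" | sed 's/^/world-readable: /'
        return 1
    fi
    echo "all $total RAPL energy counters are restricted"
    return 0
}

# Run against the live system, or against RAPL_ROOT when it is set.
rapl_audit "${RAPL_ROOT:-}" || echo "audit exit status: $?"
```

Restricting these files closes only the direct RAPL interface; the post also names frequency throttling as a usable signal.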
