TY - GEN
T1 - Lord of the Ring(s)
T2 - 30th USENIX Security Symposium, USENIX Security 2021
AU - Paccagnella, Riccardo
AU - Luo, Licheng
AU - Fletcher, Christopher W.
N1 - Funding Information:
This work was partially supported by NSF grants 1954521 and 1942888 as well as by an Intel ISRA center. We thank our shepherd Yossi Oren and the anonymous reviewers for their valuable feedback. We also thank Gang Wang for his valuable suggestions on early drafts of this paper, and Ben Gras for the helpful discussions on the first side channel POC.
Publisher Copyright:
© 2021 by The USENIX Association. All rights reserved.
PY - 2021
Y1 - 2021
N2 - We introduce the first microarchitectural side channel attacks that leverage contention on the CPU ring interconnect. There are two challenges that make it uniquely difficult to exploit this channel. First, little is known about the ring interconnect's functioning and architecture. Second, information that can be learned by an attacker through ring contention is noisy by nature and has coarse spatial granularity. To address the first challenge, we perform a thorough reverse engineering of the sophisticated protocols that handle communication on the ring interconnect. With this knowledge, we build a cross-core covert channel over the ring interconnect with a capacity of over 4 Mbps from a single thread, the largest to date for a cross-core channel not relying on shared memory. To address the second challenge, we leverage the fine-grained temporal patterns of ring contention to infer a victim program's secrets. We demonstrate our attack by extracting key bits from vulnerable EdDSA and RSA implementations, as well as inferring the precise timing of keystrokes typed by a victim user.
UR - http://www.scopus.com/inward/record.url?scp=85114512870&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85114512870&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85114512870
T3 - Proceedings of the 30th USENIX Security Symposium
SP - 645
EP - 662
BT - Proceedings of the 30th USENIX Security Symposium
PB - USENIX Association
Y2 - 11 August 2021 through 13 August 2021
ER -