CrossTalk: Speculative data leaks across cores are real

Hany Ragab, Alyssa Milburn, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

28 Downloads (Pure)

Abstract

Recent transient execution attacks have demonstrated that attackers may leak sensitive information across security boundaries on a shared CPU core. Up until now, it seemed possible to prevent this by isolating potential victims and attackers on separate cores. In this paper, we show that the situation is more serious, as transient execution attacks can leak data across different cores on many modern Intel CPUs.

We do so by investigating the behavior of x86 instructions, and in particular, we focus on complex microcoded instructions which perform offcore requests. Combined with transient execution vulnerabilities such as Micro-architectural Data Sampling (MDS), these operations can reveal internal CPU state. Using performance counters, we build a profiler, CrossTalk, to examine the number and nature of such operations for many x86 instructions, and find that some instructions read data from a staging buffer which is shared between all CPU cores.

To demonstrate the security impact of this behavior, we present the first cross-core attack using transient execution, showing that even the seemingly-innocuous CPUID instruction can be used by attackers to sample the entire staging buffer containing sensitive data – most importantly, output from the hardware random number generator (RNG) – across cores. We show that this can be exploited in practice to attack SGX enclaves running on a completely different core, where an attacker can control leakage using practical performance degradation attacks, and demonstrate that we can successfully determine enclave private keys. Since existing mitigations which rely on spatial or temporal partitioning are largely ineffective to prevent our proposed attack, we also discuss potential new mitigation techniques.
Original languageEnglish
Title of host publicationIEEE 2021 Symposium on Security and Privacy (SP)
Subtitle of host publicationProceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1852-1867
Number of pages16
ISBN (Electronic)9781728189345
DOIs
Publication statusPublished - 26 Aug 2021
Event42nd IEEE Symposium on Security and Privacy, SP 2021 - Virtual, San Francisco, United States
Duration: 24 May 202127 May 2021

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
Volume2021-May
ISSN (Print)1081-6011

Conference

Conference42nd IEEE Symposium on Security and Privacy, SP 2021
Country/TerritoryUnited States
CityVirtual, San Francisco
Period24/05/2127/05/21

Bibliographical note

Funding Information:
We thank our shepherd, Frank Piessens, and the anonymous reviewers for their valuable feedback. We would also like to thank Marius Muench for his help with the paper and Stephan van Schaik for his work on RIDL. This work was supported by the European Union’s Horizon 2020 research and innovation programme under grant agreements No. 786669 (ReAct) and No. 825377 (UNICORE), by Intel Corporation through the Side Channel Vulnerability ISRA, by the United States Office of Naval Research (ONR) under contract N00014-17-1-2782, and by the Netherlands Organisation for Scientific Research through grants NWO 639.021.753 VENI ”PantaRhei”, and NWO 016.Veni.192.262. This paper reflects only the authors’ view. The funding agencies are not responsible for any use that may be made of the information it contains.

Publisher Copyright:
© 2021 IEEE.

Keywords

  • Side channels
  • Transient execution attacks

Fingerprint

Dive into the research topics of 'CrossTalk: Speculative data leaks across cores are real'. Together they form a unique fingerprint.

Cite this