New PortSmash vulnerability alert: decryption keys may be compromised
By exploiting this attack, security researchers were able to steal private keys from an OpenSSL thread running on the same CPU core as the attacker.
SMT (Simultaneous Multi-Threading, called Hyper-Threading by Intel) splits one physical CPU core into two logical cores that can run two separate threads at the same time. This improves throughput because the two threads use execution resources that would otherwise sit idle.
A timing side-channel attack is one in which an attacker measures how long a thread takes to execute particular instructions and works backwards from those timings to infer the (secret) data the thread was operating on.
The PortSmash vulnerability was discovered by a group of researchers consisting of Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan and Nicola Tuveri from Tampere University of Technology in Finland, and Alejandro Cabrera Aldaya from the Universidad Tecnológica de la Habana (CUJAE) in Cuba. According to the researchers, their paper has been submitted and is awaiting peer review before it is published.
In response to questions from BleepingComputer, researcher Tuveri explained that contention for the CPU's execution ports is used as a clock: it lets the attacker measure how long OpenSSL takes to execute an operation, and from those measurements the researchers work backwards to recover the private key.
In short, with SMT and two threads per core, a process running on one thread has its own instruction stream and its own data, but shares some hardware resources with the process running on the sibling thread of the same core.
Instructions are decoded independently and then travel over data paths inside the CPU to the corresponding execution units. (An Execution Unit, or EU, is an actual area of silicon specialised in one kind of operation: some EUs handle integer addition and subtraction, others multiplication, and so on.)
Each core has a complete set of EUs supporting all instructions, and both threads on the core draw on those shared EUs. EUs are grouped into bundles that are reached through a port: the core's scheduler assigns the instructions of both threads to whichever ports are available, and as a performance optimisation the same kind of operation may be executable on different EUs behind different ports.
These ports are the contended resource. Suppose the victim process uses port 5 during a particular step of a cryptographic operation. A spy process running on the sibling thread repeatedly executes instructions that are dispatched to port 5. While the victim is not using port 5, the spy's instructions run at full speed; as soon as the victim issues an operation on port 5, the scheduler delays the spy's instructions to balance the two threads. By timing its own port-5 instructions, the spy can therefore detect exactly when the victim is using the same port. That timing trace is the signal that is then processed to recover the private key.
To make this easier to picture, imagine two people each holding a bag of beans and pouring them into the same funnel. Neither can see what is in the other's bag, but the speed at which one can pour depends on how fast the other is pouring. If the other person's pouring rate is a secret, the first person can infer it by timing how quickly their own beans go through the funnel.
Here the beans are the instructions, the wide mouth of the funnel is the data path, and the narrow neck is the execution port.
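To make the measurement concrete, the following simulation is an added example (written for this article, not the researchers' proof of concept). It models the contended port as a sequence of time slots: a victim running a left-to-right double-and-add scalar multiplication keeps the port busy for a secret-dependent number of slots, the spy sees that as extra latency on its own port-bound instruction block, and the attacker turns the run lengths of the slow slots back into key bits. The slot counts, latencies and noise are assumed values chosen for illustration; a real trace is far noisier and the real PoC distinguishes OpenSSL's doublings and additions rather than idealised runs. The constant-time variant of the victim shows why the OpenSSL fix works: its port usage no longer depends on the key, so the same trace comes out for every key.

```python
"""Simulation of the PortSmash measurement and bit recovery (added example,
not the researchers' proof of concept). A core's contended execution port is
modelled as a sequence of time slots; slot lengths, latencies and noise are
assumed values chosen for illustration."""
import random

DOUBLE_SLOTS = 4          # assumed: slots a point doubling keeps the port busy
ADD_SLOTS = 6             # assumed: slots a point addition keeps the port busy
IDLE_SLOTS = 2            # assumed: port-free gap between loop iterations
BASE_LATENCY = 100        # assumed: cycles the spy's block takes when the port is free
CONTENDED_LATENCY = 160   # assumed: cycles when the victim also needs the port
NOISE = 5                 # assumed: +/- jitter on every measurement


def victim_port_usage(key_bits, constant_time=False):
    """Port occupancy of a left-to-right double-and-add scalar multiplication.

    Returns one boolean per slot: True when the victim issues instructions on
    the contended port. The leaky variant only performs the addition when the
    key bit is 1, so the occupancy pattern encodes the key. The constant-time
    variant always performs it (discarding the result when the bit is 0), so
    the pattern is independent of the key.
    """
    timeline = []
    for bit in key_bits:
        timeline += [True] * DOUBLE_SLOTS
        if bit or constant_time:
            timeline += [True] * ADD_SLOTS
        timeline += [False] * IDLE_SLOTS
    return timeline


def spy_trace(timeline, seed=1):
    """Latencies the spy measures for its own port-bound instruction block.

    The scheduler shares the port between the two SMT threads, so the spy's
    block runs slower in every slot where the victim is also using the port.
    """
    rng = random.Random(seed)
    return [(CONTENDED_LATENCY if busy else BASE_LATENCY)
            + rng.randint(-NOISE, NOISE) for busy in timeline]


def busy_runs(trace, threshold):
    """Lengths of maximal runs of consecutive slots above the latency threshold."""
    runs, run = [], 0
    for latency in trace:
        if latency > threshold:
            run += 1
        elif run:
            runs.append(run)
            run = 0
    if run:
        runs.append(run)
    return runs


def recover_bits(trace, threshold=(BASE_LATENCY + CONTENDED_LATENCY) // 2):
    """Each busy run is one loop iteration: a run of about DOUBLE_SLOTS slots
    means the bit was 0, a run of about DOUBLE_SLOTS + ADD_SLOTS slots means 1."""
    cut = DOUBLE_SLOTS + ADD_SLOTS // 2
    return [1 if run >= cut else 0 for run in busy_runs(trace, threshold)]


if __name__ == "__main__":
    key = [int(b) for b in "1011001110"]      # constructed 10-bit secret scalar
    leaky = recover_bits(spy_trace(victim_port_usage(key)))
    hardened = recover_bits(spy_trace(victim_port_usage(key, constant_time=True)))
    print("secret   ", key)
    print("leaky    ", leaky, "recovered" if leaky == key else "wrong")
    print("hardened ", hardened, "(same for every key)")
```

The threshold sits halfway between the free and contended latencies, which is enough here because the assumed jitter never crosses it; on real hardware the spy has to average many repetitions and align the trace to the victim's loop before the runs can be classified.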
So far the researchers have only tested the attack on Intel Skylake and Kaby Lake processors; they plan to test it on AMD Ryzen processors in the future.
The group has also published a proof-of-concept that targets OpenSSL. OpenSSL was chosen because it is a widely used and familiar codebase, but the PortSmash technique is not tied to any particular piece of software.
The only question is how long it will take researchers, and attackers, to adapt the PoC to steal information from other applications.
A fix for the attack has already been deployed in OpenSSL 1.1.1, and for users of the older 1.1.0 branch patched releases are available from version 1.1.0i onwards.
Limiting the Impact of PortSmash Attacks
The only general way to limit the impact of PortSmash is to disable SMT/Hyper-Threading, which is what OpenBSD did this summer in response to the TLBleed timing side-channel attack. Beyond that, individual cryptographic implementations can be made constant-time so that their use of execution ports no longer depends on secret data, which is the route the OpenSSL fix takes.
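For administrators who want to apply the SMT mitigation on Linux, the following is an added example (not from the article or the researchers) that reads and writes the kernel's sysfs SMT control, which has existed since Linux 4.19. The verdict strings ("exposed", "mitigated", "unknown") are this example's own naming; the sysfs values are the ones the kernel documents.

```python
"""Check and disable SMT on Linux through the kernel's sysfs control
(added example; /sys/devices/system/cpu/smt exists since Linux 4.19 and the
values handled below are the ones documented for it)."""
from pathlib import Path

SMT_DIR = Path("/sys/devices/system/cpu/smt")


def smt_verdict(control_value):
    """Map the contents of smt/control to a PortSmash exposure verdict.

    Documented values: "on", "off", "forceoff", "notsupported" (the CPU has
    no SMT) and "notimplemented" (the architecture lacks this interface).
    """
    value = control_value.strip()
    if value == "on":
        return "exposed"      # sibling threads share execution ports
    if value in ("off", "forceoff", "notsupported"):
        return "mitigated"    # no sibling thread from which to spy
    return "unknown"          # fall back to the BIOS setting or 'nosmt' on the kernel command line


def read_smt_verdict(smt_dir=SMT_DIR):
    """Read the live SMT state; 'unknown' on kernels without the interface."""
    control = Path(smt_dir) / "control"
    if not control.is_file():
        return "unknown"      # older kernel or no sysfs mounted
    return smt_verdict(control.read_text())


def disable_smt(smt_dir=SMT_DIR):
    """Offline every sibling thread until the next boot (requires root).

    To make the change permanent, add 'nosmt' to the kernel command line
    instead of, or in addition to, writing the control file.
    """
    control = Path(smt_dir) / "control"
    control.write_text("off\n")
    return smt_verdict(control.read_text())


if __name__ == "__main__":
    print("SMT exposure on this host:", read_smt_verdict())
```

Run it unprivileged to audit a host; call `disable_smt()` as root to take the sibling threads offline immediately. Writing "off" keeps the setting only until reboot, so pair it with `nosmt` on the kernel command line where the mitigation must persist.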
Intel, for its part, has dropped Hyper-Threading from several of its 9th generation CPUs, citing mitigation of Meltdown v3 and L1 Terminal Fault. Since most games gain little from SMT, the change has little effect on gaming performance.