Paper 2015/1155
Cross Processor Cache Attacks
Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar
Abstract
Multi-processor systems are becoming the de-facto standard across different computing domains, ranging from high-end multi-tenant cloud servers to low-power mobile platforms. The denser integration of CPUs creates an opportunity for great economic savings achieved by packing processes of multiple tenants or by bundling all kinds of tasks at vari- ous privilege levels to share the same platform. This level of sharing carries with it a serious risk of leaking sensitive information through the shared microarchitectural compo- nents. Microarchitectural attacks initially only exploited core-private resources, but were quickly generalized to re- sources shared within the CPU. We present the first fine grain side channel attack that works across processors. The attack does not require CPU co- location of the attacker and the victim. The novelty of the proposed work is that, for the first time the directory protocol of high efficiency CPU interconnects is targeted. The directory protocol is common to all modern multi-CPU systems. Examples include AMD's HyperTransport, Intel's Quickpath, and ARM's AMBA Coherent Interconnect. The proposed attack does not rely on any specic characteristic of the cache hierarchy, e.g. inclusiveness. Note that in- clusiveness was assumed in all earlier works. Furthermore, the viability of the proposed covert channel is demonstrated with two new attacks: by recovering a full AES key in OpenSSL, and a full ElGamal key in libgcrypt within the range of seconds on a shared AMD Opteron server.
Metadata
- Available format(s)
- Publication info
- Published elsewhere. Minor revision. AsiaCCS 2016
- DOI
- 10.1145/2897845.2897867
- Keywords
- Invalidate+TransferCross-CPU attackHyperTransportcache attacks
- Contact author(s)
- teisenbarth @ wpi edu
- History
- 2016-03-11: last of 2 revisions
- 2015-11-30: received
- See all versions
- Short URL
- https://ia.cr/2015/1155
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2015/1155, author = {Gorka Irazoqui and Thomas Eisenbarth and Berk Sunar}, title = {Cross Processor Cache Attacks}, howpublished = {Cryptology {ePrint} Archive, Paper 2015/1155}, year = {2015}, doi = {10.1145/2897845.2897867}, url = {https://eprint.iacr.org/2015/1155} }