Paper 2023/1679

Plug Your Volt: Protecting Intel Processors against Dynamic Voltage Frequency Scaling based Fault Attacks

Nimish Mishra
Rahul Arvind Mool, Indian Institute of Technology Kharagpur
Anirban Chakraborty, Indian Institute of Technology Kharagpur
Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur
Abstract

The need for energy optimizations in modern systems forces CPU vendors to provide Dynamic Voltage Frequency Scaling (DVFS) interfaces that allow software to control the voltage and frequency of CPU cores. In recent years, the accessibility of such DVFS interfaces to adversaries has amounted to a plethora of fault attack vectors. In response, the current countermeasures involve either restricting access to DVFS interfaces or including additional compiler-based checks that let the DVFS fault occur but prevent an adversary from weaponizing it. However, such countermeasures are overly restrictive because (1) they prevent benign, non-SGX processes from utilizing DVFS, and (2) rely upon a less practical threat model than what is acceptable for Intel SGX. In this work, we hence put forth a new countermeasure perspective. We reason that all DVFS fault attacks are helped by system design decisions that allow an adversary to search through the entire space of frequency/voltage pairs which lead to DVFS faults on the victim system. Using this observation, we classify such frequency/voltage pairs causing DVFS faults as unsafe system states. We then develop a kernel module level countermeasure (in non-SGX execution context) that polls core frequency/voltage pairs to detect when the system is in an unsafe state, and force it back into a safe state. Our countermeasure completely prevents DVFS faults on three Intel generation CPUs: Sky Lake, Kaby Lake R, and Comet Lake, while allowing accessibility of DVFS features to benign non-SGX executions (something which prior works fail to achieve). Additionally, we also put forth the notion of maximal safe state, allowing our countermeasure to be implemented both as microcode (on the micro-architecture level) and as model-specific register (on the hardware level), as opposed to prior countermeasures which can not be implemented at the hardware level. Finally, we evaluate the overhead of our kernel module's execution on SPEC2017, observing an minuscule overhead of 0.28%.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint.
Keywords
Dynamic Voltage Frequency Scaling countermeasureSoftware-based fault attackSoftware Guard Extensions (SGX)Plundervolt
Contact author(s)
nimish mishra @ kgpian iitkgp ac in
rahulmool @ kgpian iitkgp ac in
anirban chakraborty @ iitkgp ac in
debdeep @ cse iitkgp ac in
History
2023-10-30: approved
2023-10-30: received
See all versions
Short URL
https://ia.cr/2023/1679
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX 

@misc{cryptoeprint:2023/1679,
      author = {Nimish Mishra and Rahul Arvind Mool and Anirban Chakraborty and Debdeep Mukhopadhyay},
      title = {Plug Your Volt: Protecting Intel Processors against Dynamic Voltage Frequency Scaling based Fault Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1679},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1679}},
      url = {https://eprint.iacr.org/2023/1679}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.