Some Targets
• AES
– Osvik, Shamir and Tromer, CT-RSA 2006
– Gullasch, Bangerter and Krenn, IEEE S&P 2011
– Irazoqui, Inci, Eisenbarth and Sunar, RAID 2014
• ElGamal
– Zhang, Juels, Reiter and Ristenpart, CCS 2012
– Liu, Yarom, Ge, Heiser and Lee, IEEE S&P 2015
• RSA
– Percival, 2005
– Yarom and Falkner, USENIX Security 2014
– Bernstein, Genkin, Groot Bruinderink, Heninger, Lange, van Vredendaal and Yarom, CHES 2017
• BLISS
– Groot Bruinderink, Hülsing, Lange and Yarom, CHES 2016
– Pessl, Groot Bruinderink and Yarom, ePrint 2017/490
• DSA/ECDSA
– Benger, van de Pol, Smart and Yarom, CHES 2014
– Pereida, Brumley and Yarom, CCS 2016
– Pereida and Brumley, USENIX Security 2017
• ECDH on Curve25519
– Genkin, Valenta and Yarom, 2017 (in submission)
Bridging the gap
Cache utilises locality to bridge the gap between processor speed and memory latency
• Divides memory into lines
• Stores recently used lines
• In a cache hit, data is retrieved from the cache
• In a cache miss, data is retrieved from memory and inserted into the cache
[Figure: Processor, Cache, Memory]
Set Associative Caches
• Memory lines map to cache sets. Multiple lines map to the same set.
• Sets consist of ways. A memory line can be stored in any of the ways of the set it maps to.
• When a cache miss occurs, one of the lines in the set is evicted to make room for the new line.
[Figure: memory lines mapping to cache sets and ways]
The Prime+Probe Attack [Per05, OST06]
• Allocate a cache-sized memory buffer
• Prime: fill the cache with the contents of the buffer
• Probe: measure the time to access each cache set
– Slow access indicates victim access to the set (the victim's line evicted one of the spy's lines, so the spy's reload misses)
Implementation Problems
• The observer effect
– The spy also modifies the state of the cache
– Cache thrashing
• Optimising compiler
– Tries to mask memory latency
– Deletes dead code (the probe loads whose results are never used)
• Hardware optimisations
– Prefetches data predicted to be needed soon
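Worked example for the Set Associative Caches, Prime+Probe and Implementation Problems slides above. This is an added illustration, not code from the slides or from Mastik: a small Python model of an LRU set-associative cache with a Prime+Probe spy on it. The geometry (64-byte lines, 64 sets, 8 ways, 32 KB) and the addresses are assumptions chosen to resemble an L1 data cache; a miss in the model stands in for the slow access a real probe would time with the cycle counter. The probe order also shows the observer effect: probing in the same order as priming thrashes the victim's set under LRU, probing in reverse order reports exactly one miss per evicted line and leaves the set primed again.

```python
"""Toy LRU set-associative cache with a Prime+Probe spy on it (added example).

Assumed geometry: 64-byte lines, 64 sets, 8 ways, i.e. a 32 KB cache.
A miss here stands in for the slow access a real probe would measure.
"""
from collections import OrderedDict

LINE_SIZE = 64
NUM_SETS = 64
NUM_WAYS = 8
CACHE_SIZE = LINE_SIZE * NUM_SETS * NUM_WAYS   # 32 KB


def set_index(addr):
    """The set a line maps to: the index bits just above the line offset."""
    return (addr // LINE_SIZE) % NUM_SETS


class Cache:
    """One set-associative cache with LRU replacement per set."""

    def __init__(self):
        self.sets = [OrderedDict() for _ in range(NUM_SETS)]

    def access(self, addr):
        """Touch addr; return True on a hit, False on a miss (which evicts)."""
        line = addr // LINE_SIZE
        ways = self.sets[set_index(addr)]
        if line in ways:
            ways.move_to_end(line)          # now the most recently used way
            return True
        if len(ways) == NUM_WAYS:
            ways.popitem(last=False)        # evict the least recently used way
        ways[line] = True
        return False


def prime(cache, buf):
    """Fill every way of every set with lines of a cache-sized buffer."""
    for off in range(0, CACHE_SIZE, LINE_SIZE):
        cache.access(buf + off)


def probe(cache, buf, reverse=False):
    """Re-touch the buffer; return {set: misses} for the sets that missed.

    Probing in the reverse of the prime order avoids thrashing: each miss
    then evicts the victim's line rather than the spy's next line.
    """
    offsets = range(0, CACHE_SIZE, LINE_SIZE)
    if reverse:
        offsets = reversed(offsets)
    misses = {}
    for off in offsets:
        if not cache.access(buf + off):
            s = set_index(buf + off)
            misses[s] = misses.get(s, 0) + 1
    return misses


def prime_probe_round(victim_addrs, reverse=True, buf=0x100000):
    """One round: prime, let the victim run, probe. buf is an assumed address."""
    cache = Cache()
    prime(cache, buf)
    for a in victim_addrs:          # the victim's accesses between prime and probe
        cache.access(a)
    return probe(cache, buf, reverse)


if __name__ == "__main__":
    # Constructed victim accesses: one line each in set 5 and set 17.
    victim = [0x7f0000 + 5 * LINE_SIZE, 0x7f0000 + 17 * LINE_SIZE]
    print("victim sets :", sorted(set_index(a) for a in victim))
    print("reverse probe:", prime_probe_round(victim, reverse=True))
    print("forward probe:", prime_probe_round(victim, reverse=False))
```

With the reverse probe each victim set shows one miss; with the forward probe the spy's own reloads cascade through all eight ways of the victim's set, which is the cache thrashing the slide warns about. The model ignores hardware prefetching and compiler dead-code elimination, the other two problems listed, since neither exists in an interpreted simulation.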
Mastik
• A side channel toolkit
• Implements 6 attack techniques (more to follow)
– Almost zero documentation, little testing
• Both API and command line utilities
• Available at http://cs.adelaide.edu.au/~yval/Mastik/
The RSA Encryption System
• RSA is a public key cryptographic scheme
• Encryption: C = M^e mod N
• Decryption: M = C^d mod N
Key Generation:
• Select random primes p and q
• Calculate N = pq
• Select a public exponent e (= 65537)
• Compute d = e^-1 mod φ(N)
• (N, e) is the public key
• (p, q, d) is the private key
GnuPG 1.4.13 Decryption
x ← 1
for i ← |d|-1 downto 0 do
    x ← x^2 mod n
    if (d_i = 1) then
        x ← x·C mod n
    endif
done
return x
(|d| is the bit length of d and d_i is bit i of d, so the exponent is scanned from its most significant bit down)
Example: 11^5 mod 100 = 161,051 mod 100 = 51, with d = 5 = 101 in binary

Operation   x     i   d_i
(start)     1     2   1
Square      1     2   1
reduce      1     2   1
Multiply    11    2   1
reduce      11    2   1
Square      121   1   0
reduce      21    1   0
Square      441   0   1
reduce      41    0   1
Multiply    451   0   1
reduce      51    0   1

The private key is encoded in the sequence of operations: a Square followed by a Multiply reveals a 1 bit, a Square on its own reveals a 0 bit!
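The GnuPG 1.4.13 loop and the 11^5 mod 100 table above, as an added Python example (not code from the slides or from GnuPG). `square_and_multiply` records an 'S' for every squaring and an 'M' for every multiplication, and `exponent_from_trace` reads the private exponent back out of that sequence. Besides the slide's numbers it goes one step further and applies the same recovery to a textbook RSA decryption with tiny illustrative primes (p = 61, q = 53, e = 17, chosen here, not from the slides).

```python
"""Square-and-multiply with an operation trace, and key recovery from the trace."""


def square_and_multiply(c, d, n, trace):
    """Left-to-right binary exponentiation as on the GnuPG 1.4.13 slide.

    Appends 'S' for each squaring and 'M' for each multiplication to trace;
    the separate 'reduce' steps of the slide are folded into the % operator.
    """
    x = 1
    for i in range(d.bit_length() - 1, -1, -1):   # i = |d|-1 downto 0
        x = x * x % n
        trace.append("S")
        if (d >> i) & 1:                           # d_i = 1
            x = x * c % n
            trace.append("M")
    return x


def exponent_from_trace(trace):
    """Undo the encoding: an 'S' followed by 'M' is a 1 bit, a lone 'S' a 0 bit."""
    bits = []
    for j, op in enumerate(trace):
        if op == "S":
            followed_by_multiply = j + 1 < len(trace) and trace[j + 1] == "M"
            bits.append("1" if followed_by_multiply else "0")
    return int("".join(bits), 2)


def slide_example():
    """11^5 mod 100 from the slide: returns (result, trace, recovered exponent)."""
    trace = []
    result = square_and_multiply(11, 5, 100, trace)
    return result, "".join(trace), exponent_from_trace(trace)


def toy_rsa_example(m=65):
    """Textbook RSA with tiny, insecure, illustrative primes (an assumption of
    this example): decrypt once and read d back from the operation sequence."""
    p, q, e = 61, 53, 17
    n = p * q                              # N = pq = 3233
    d = pow(e, -1, (p - 1) * (q - 1))      # d = e^-1 mod φ(N) = 2753
    c = pow(m, e, n)                       # encryption: C = M^e mod N
    trace = []
    decrypted = square_and_multiply(c, d, n, trace)   # M = C^d mod N
    return decrypted, d, exponent_from_trace(trace)


if __name__ == "__main__":
    print(slide_example())       # (51, 'SMSSM', 5)
    print(toy_rsa_example())     # (65, 2753, 2753)
```

The recovery needs nothing but the order of the two routines, which is exactly what a spy observing the victim's code execution obtains; the leading bit of d is always recovered as 1 because the loop starts at the most significant set bit.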
Limitations
• Victim and spy run on the same core
– Easy to mitigate in the operating system (e.g. by not scheduling untrusted processes on the victim's core)
[Figure: two-core cache hierarchy; each core has a 32 KB L1 instruction cache, a 32 KB L1 data cache and a 256 KB unified L2 shared by its two hardware threads, and a 4 MB unified L3 is shared by both cores]
The FLUSH+RELOAD Technique
• Leaks information on victim access to shared memory
• Spy monitors the victim's access to shared code
– Spy can determine what the victim does
– Spy can infer the data the victim operates on
Code Sharing
• To reduce its memory footprint, the operating system shares code between processes
[Figure: a program file mapped into Process A and Process B; the code pages are shared, the data pages are copied per process]
Code is Data
• In Von Neumann architectures code is a type of data
– The spy can map the victim's code as data and monitor it
[Figure: the same program file, with its code mapped as data into a second process alongside that process's own code and data]
Cache Consistency
• Memory and cache can be in inconsistent states
– Rare, but possible
• Solution: flushing the cache contents (on x86, the clflush instruction)
– Ensures that the next load is served from memory
[Figure: Processor, Cache, Memory]
FLUSH+RELOAD [GBK11, YF14]
• FLUSH the memory line
• Wait a bit
• Measure the time to RELOAD the line
– slow -> no access (the line had to be fetched from memory)
– fast -> access (the victim brought the line back into the cache while we waited)
• Repeat
[Figure: Processor, Cache, Memory]
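The FLUSH+RELOAD loop above produces one reload time per probed line per time slot; turning those samples into the victim's operation sequence is where the attack on the GnuPG square-and-multiply loop actually happens. The following Python is an added example, not code from the slides or from Mastik. The reload latencies and the 120-cycle threshold are constructed values (fast samples around 40 to 60 cycles for a cache hit, slow ones above 200 for a fetch from memory); a real run calibrates the threshold by timing a reload after a flush against a reload after an access. One probe line sits in the victim's squaring routine and one in its multiplication routine, which are assumed names for the two monitored code locations.

```python
"""Turning FLUSH+RELOAD measurements into the victim's operation sequence.

Constructed data (not real measurements): reload latency in cycles per time
slot for a probe line in the squaring routine and one in the multiply routine.
"""

THRESHOLD = 120   # assumed; below = served from cache = victim ran that code

SQUARE_T   = [45, 50, 235, 220, 52, 240, 55, 60, 230, 48, 245, 230]
MULTIPLY_T = [230, 240, 48, 250, 245, 44, 230, 225, 235, 240, 50, 240]


def classify_slot(t_square, t_multiply, threshold=THRESHOLD):
    """Which probe line (if any) the victim touched during this slot.
    If both reloaded fast, take the faster one."""
    hits = {"S": t_square, "M": t_multiply}
    hits = {op: t for op, t in hits.items() if t < threshold}
    return min(hits, key=hits.get) if hits else None


def operations(square_t, multiply_t, threshold=THRESHOLD):
    """Collapse consecutive slots that show the same line into one operation.

    An operation spans several slots; a slot in which neither line is fast
    (the victim is in other code, e.g. the reduction) separates two
    operations of the same kind, such as two consecutive squarings.
    """
    ops, prev = [], None
    for ts, tm in zip(square_t, multiply_t):
        op = classify_slot(ts, tm, threshold)
        if op is not None and op != prev:
            ops.append(op)
        prev = op
    return ops


def exponent_bits(ops):
    """Square then multiply = 1 bit; square alone = 0 bit."""
    return [1 if j + 1 < len(ops) and ops[j + 1] == "M" else 0
            for j, op in enumerate(ops) if op == "S"]


def recover_exponent(square_t=SQUARE_T, multiply_t=MULTIPLY_T):
    """Full pipeline over the constructed samples: returns the exponent."""
    bits = exponent_bits(operations(square_t, multiply_t))
    return int("".join(map(str, bits)), 2)


if __name__ == "__main__":
    print(operations(SQUARE_T, MULTIPLY_T))   # ['S', 'M', 'S', 'M', 'S', 'S', 'M']
    print(recover_exponent())                 # 13, i.e. 1101 in binary
```

Two practical caveats follow from the slot structure: an operation shorter than the wait between FLUSH and RELOAD can fall entirely between two samples and be missed, so the wait has to be tuned to the victim's operation length, and a slot in which the spy's own RELOAD happens to overlap the victim's access can classify either way, which is why real traces are cleaned up with error correction over several decryptions rather than read off a single run.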
Limitations
• Requires shared memory
– Easy to mitigate in a virtualised environment
• Modern hypervisors do not share memory across VMs
– Harder to mitigate within the operating system or on a PaaS platform
• Cannot monitor access to data that the victim does not share with the spy
Prime+Probe on the Last Level Cache
• Some technical challenges
– See Liu et al., IEEE S&P 2015
– Or just use Mastik
[Figure: the same two-core cache hierarchy; the 4 MB unified L3 is shared by both cores, so the spy no longer needs to share a core with the victim]
Countermeasures - Hardware
• Re-design the cache
– Random replacement
– Cache partitioning
• Don't hold your breath…
Countermeasures - System
• Detection
– May be circumvented
• Prevention
– All suggested methods have subtle limitations
Countermeasures - Software
• Blinding
– Not always applicable
– Does not always work
• Constant-time programming
– Fragile
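An added illustration of the constant-time programming countermeasure (not code from the slides or from GnuPG): a square-and-always-multiply exponentiation whose operation sequence is the same for every key, unlike the GnuPG 1.4.13 loop shown earlier. The multiplication is performed on every iteration and its result is kept or discarded by arithmetic rather than by a branch, and the loop runs for a fixed `nbits` (an assumed parameter, in practice the modulus size) so that the number of operations does not leak the length of d either.

```python
"""Square-and-always-multiply: a key-independent operation sequence (added example)."""


def square_and_always_multiply(c, d, n, nbits, trace):
    """Compute c^d mod n with the same 'S','M','S','M',... trace for every d.

    nbits is a fixed loop length (e.g. the size of the modulus) so that the
    trace length does not depend on d; bits of d above nbits are ignored.
    """
    x = 1
    for i in range(nbits - 1, -1, -1):
        x = x * x % n
        trace.append("S")
        y = x * c % n                    # multiply on every iteration ...
        trace.append("M")
        bit = (d >> i) & 1
        x = y * bit + x * (1 - bit)      # ... then select the result without a branch
    return x


def traces_match(c, d1, d2, n, nbits):
    """Exponentiate with two different keys; return (r1, r2, traces identical?)."""
    t1, t2 = [], []
    r1 = square_and_always_multiply(c, d1, n, nbits, t1)
    r2 = square_and_always_multiply(c, d2, n, nbits, t2)
    return r1, r2, t1 == t2


if __name__ == "__main__":
    print(traces_match(11, 5, 6, 100, 8))                 # (51, 61, True)
    print(square_and_always_multiply(2790, 2753, 3233, 12, []))   # 65
```

Why the slide calls this fragile: the discarded product `y` is dead code from a compiler's point of view, so a C version can have the extra multiplication optimised away unless the select is written to defeat that; the arithmetic select must not be rewritten into a conditional move or branch by the compiler; and the multiplication routine underneath must itself be free of data-dependent memory access, which Python's arbitrary-precision integers are not. The sequence of operations is protected here, but nothing else is.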