DeepAI AI Chat
Log In Sign Up

HyperDegrade: From GHz to MHz Effective CPU Frequencies

by   Alejandro Cabrera Aldaya, et al.

Performance degradation techniques are an important complement to side-channel attacks. In this work, we propose HyperDegrade – a combination of previous approaches and the use of simultaneous multithreading (SMT) architectures. In addition to the new technique, we investigate the root causes of performance degradation using cache eviction, discovering a previously unknown slowdown origin. The slowdown produced is significantly higher than previous approaches, which translates into an increased time granularity for Flush+Reload attacks. We evaluate HyperDegrade on different Intel microarchitectures, yielding significant slowdowns that achieve, in some cases, three orders of magnitude improvement over state-of-the-art. To evaluate the efficacy of performance degradation in side-channel amplification, we propose and evaluate leakage assessment metrics. The results evidence that HyperDegrade increases time granularity without a meaningful impact on trace quality. Additionally, we designed a fair experiment that compares three performance degradation strategies when coupled with Flush+Reload from a practical perspective. We developed an attack on an unexploited vulnerability in OpenSSL in which HyperDegrade excels – reducing by three times the number of required Flush+Reload traces to succeed. Regarding cryptography contributions, we revisit the recently proposed Raccoon attack on TLS-DH key exchanges, demonstrating its application to other protocols beyond legacy TLS cipher suites. Using HyperDegrade we developed an end-to-end attack that shows how a Raccoon-like attack can succeed in practice, filling a missing gap from previous research.


Timing the Transient Execution: A New Side-Channel Attack on Intel CPUs

The transient execution attack is a type of attack leveraging the vulner...

Layered Binary Templating: Efficient Detection of Compiler- and Linker-introduced Leakage

Cache template attacks demonstrated automated leakage of user input in s...

Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing

Attacks like Spectre abuse speculative execution, one of the key perform...

NASCTY: Neuroevolution to Attack Side-channel Leakages Yielding Convolutional Neural Networks

Side-channel analysis (SCA) can obtain information related to the secret...

Virtual Triggering: a Technique to Segment Cryptographic Processes in Side Channel Traces

Side-Channel Attacks (SCAs) exploit data correla-tion in signals leaked ...