DeepAI AI Chat
Log In Sign Up

Practical Timing Side Channel Attacks on Memory Compression

by   Martin Schwarzl, et al.

Compression algorithms are widely used as they save memory without losing data. However, elimination of redundant symbols and sequences in data leads to a compression side channel. So far, compression attacks have only focused on the compression-ratio side channel, i.e., the size of compressed data,and largely targeted HTTP traffic and website content. In this paper, we present the first memory compression attacks exploiting timing side channels in compression algorithms, targeting a broad set of applications using compression. Our work systematically analyzes different compression algorithms and demonstrates timing leakage in each. We present Comprezzor,an evolutionary fuzzer which finds memory layouts that lead to amplified latency differences for decompression and therefore enable remote attacks. We demonstrate a remote covert channel exploiting small local timing differences transmitting on average 643.25 bit/h over 14 hops over the internet. We also demonstrate memory compression attacks that can leak secrets bytewise as well as in dictionary attacks in three different case studies. First, we show that an attacker can disclose secrets co-located and compressed with attacker data in PHP applications using Memcached. Second, we present an attack that leaks database records from PostgreSQL, managed by a Python-Flask application, over the internet. Third, we demonstrate an attack that leaks secrets from transparently compressed pages with ZRAM,the memory compression module in Linux. We conclude that memory-compression attacks are a practical threat.


Remote Memory-Deduplication Attacks

Memory utilization can be reduced by merging identical memory blocks int...

When Human cognitive modeling meets PINs: User-independent inter-keystroke timing attacks

This paper proposes the first user-independent inter-keystroke timing at...

Debreach: Mitigating Compression Side Channels via Static Analysis and Transformation

Compression is an emerging source of exploitable side-channel leakage th...

NetSpectre: Read Arbitrary Memory over Network

In this paper, we present NetSpectre, a generic remote Spectre variant 1...

Osiris: Automated Discovery of Microarchitectural Side Channels

In the last years, a series of side channels have been discovered on CPU...

Nethammer: Inducing Rowhammer Faults through Network Requests

A fundamental assumption in software security is that memory contents do...

Off-Path TCP Exploits of the Mixed IPID Assignment

In this paper, we uncover a new off-path TCP hijacking attack that can b...