Intel processors are vulnerable to new PortSmash side-channel vulnerability
Recently, five researchers at the Tampere Polytechnic University in Finland and the Havana Technical University in Cuba have discovered a new PortSmash side-channel vulnerability which can lead to the disclosure of encrypted information.
It is reported that the vulnerability belongs to the Side-Channel Attack type, which researchers say affects all processors using simultaneous multi-threading (SMT) architecture. They implement Hyper-Threading in Intel’s proprietary SMT (Hyper-Threading Technology HT). This vulnerability was confirmed.
An attacker can use Hyper-Threading technology to run a malicious process in parallel with a legitimate thread and then steal a small amount of data from the legitimate process, allowing the attacker to reconstruct the encrypted data in the legitimate process.
The only requirement for this type of attack is that the malicious process and the legitimate thread must run on the same physical core, but this is not difficult.
The research team has released proof-of-concept attack code on GitHub, which is valid on the 6th generation Coresky and 7th generation Core Kaby Lake. It successfully stole an OpenSSL P-384 private key from a TLS server, and if needed It can be used for any type of data.
Fortunately, this vulnerability does not affect the data in the cache and memory controllers. As for whether the AMD processor is also affected, the researchers are doing further work, but there is a strong suspicion of the existence, especially the Ryzen system family that also supports hyperthreading.
Intel officially responded to the original as follows:
Intel received notice of the research. This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.