Researchers discovered a vulnerability in a component of modern computer processors that allows different areas of the chip to communicate with one another. To extract secret information, such as a cryptographic key, an attacker can observe how traffic from two different cores on a processor interferes with each other.
According to MIT researchers, a component of computer processors that connects different parts of the chip can be exploited by malicious agents seeking to steal secret information from programs running on the computer.
Modern computer processors contain a large number of computing units known as cores that share the same hardware resources. The component that allows these cores to communicate with one another is the on-chip interconnect. However, when multiple cores run concurrently, there is a chance that they will delay one another when they use the interconnect to send data across the chip at the same time.
A malicious agent could conduct a “side-channel attack” and reconstruct secret information stored in a program, such as a cryptographic key or password, by monitoring and measuring these delays.
We hope that this work demonstrates how the on-chip interconnect, despite being such a large component of computer processors, remains an underutilized attack surface. We should not ignore the interconnect in the future as we build systems with better isolation properties.Paccagnella
MIT researchers reverse-engineered the on-chip interconnect to study how this kind of attack would be possible. Drawing on their discoveries, they built an analytical model of how traffic flows between the cores on a processor, which they used to design and launch surprisingly effective side-channel attacks. Then they developed two mitigation strategies that enable a user to improve security without making any physical changes to the computer chip.
A modern processor is like a two-dimensional grid, with multiple cores laid out in rows and columns. Each core has its own cache where data are stored, and there is also a larger cache that is shared across the entire processor. When a program located on one core needs to access data in a cache that is on another core or in the shared cache, it must use the on-chip interconnect to send this request and retrieve the data.
Though it is a large component of the processor, the on-chip interconnect remains understudied because it is difficult to attack, Dai explains. A hacker needs to launch the attack when traffic from two cores is actually interfering with each other, but since traffic spends so little time in the interconnect, it is difficult to time the attack just right. The interconnect is also complex, and there are multiple paths traffic can take between cores.
The MIT researchers designed programs that would intentionally access memory caches located outside their local cores in order to study how traffic flows on the interconnect.
“We can understand what the rules are behind traffic flows on the interconnect by testing out different situations, trying different placements, and swapping out locations of these programs on the processor,” Dai says.
They discovered that the interconnect functions similarly to a highway, with multiple lanes in each direction. When two traffic flows collide, the interconnect employs a priority arbitration policy to determine which traffic flow will proceed first. More “important” requests, such as those from programs critical to the operation of a computer, take precedence.
Using this information, the researchers built an analytical model of the processor that summarizes how traffic can flow on the interconnect. The model shows which cores would be most vulnerable to a side-channel attack. A core would be more vulnerable if it can be accessed through many different lanes. An attacker could use this information to select the best core to monitor to steal information from a victim program.
“If the attacker understands how the interconnect works, they can set themselves up so the execution of some sensitive code would be observable through interconnect contention. Then they can extract, bit by bit, some secret information, like a cryptographic key,” Paccagnella explains.
The researchers were surprised by how quickly the side-channel attacks worked when they used this model to launch them. They were successful in recovering complete cryptographic keys from two different victim programs. They used their analytical model to design two mitigation mechanisms after studying these attacks.
The system administrator in the first strategy would use the model to determine which cores are most vulnerable to attacks and then schedule sensitive software to run on less vulnerable cores. The administrator could reserve cores near a vulnerable program and run only trusted software on those cores for the second mitigation strategy.
The researchers discovered that both mitigation strategies significantly reduced the accuracy of side-channel attacks. Dai claims that because neither requires the user to make any changes to the physical hardware, the mitigations would be relatively simple to implement. Finally, Paccagnella hopes that their work will inspire other researchers to investigate the security of on-chip interconnects.
“We hope that this work demonstrates how the on-chip interconnect, despite being such a large component of computer processors, remains an underutilized attack surface. We should not ignore the interconnect in the future as we build systems with better isolation properties” he adds.