• PortSmash side-channel Vulnerability discovered

    #230151

    A new side-channel vulnerability has been discovered called ‘PortSmash’ that can steal decryption keys from PCs using SMT/Hyper-threading. This seems to be of the same ilk as the Spectre flaws.

    More Info from Lawrence Abrams over at: Bleeping Computer

    Protecting yourself from the PortSmash vulnerability
    The only way to mitigate this attack is to disable SMT/Hyper-threading on a computer, which OpenBSD has already done by default since this summer when another timing attack was released called TLBleed.
    “We recommend disabling SMT/Hyper-threading as a countermeasure. OpenBSD, for example, already disables it by default since this summer.”

    Windows - commercial by definition and now function...
    2 users thanked author for this post.
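
The mitigation quoted in the post above is to disable SMT/Hyper-threading. As an added example (not part of the original post or the linked article), this shell script checks on Linux whether any physical core still runs sibling threads. The sysfs paths are the Linux kernel's; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: read the Linux kernel's SMT state from sysfs.
# ROOT is a parameter (normally /sys) so the check also runs on a constructed tree.

# smt_control ROOT: print the kernel's SMT setting
# (on, off, forceoff, notsupported, notimplemented), or "unknown" if absent.
smt_control() {
    f="$1/devices/system/cpu/smt/control"
    if [ -r "$f" ]; then cat "$f"; else echo unknown; fi
}

# smt_sibling_groups ROOT: print each set of online logical CPUs that share
# one physical core, e.g. "0,2". Prints nothing when every core runs one thread.
smt_sibling_groups() {
    for f in "$1"/devices/system/cpu/cpu[0-9]*/topology/thread_siblings_list; do
        [ -r "$f" ] || continue
        cat "$f"
    done | sort -u | grep '[,-]' || true
}

# smt_exposed ROOT: succeed if any core still has two or more online threads.
smt_exposed() {
    [ -n "$(smt_sibling_groups "$1")" ]
}

# make_sample_tree DIR MODE: constructed sample data, not a real machine.
# MODE "on" = 2 cores x 2 threads; anything else = sibling threads offline.
make_sample_tree() {
    cpu="$1/devices/system/cpu"; mode="$2"
    mkdir -p "$cpu/smt"
    echo "$mode" > "$cpu/smt/control"
    if [ "$mode" = on ]; then set -- 0,2 1,3 0,2 1,3; else set -- 0 1; fi
    i=0
    for sib in "$@"; do
        mkdir -p "$cpu/cpu$i/topology"
        echo "$sib" > "$cpu/cpu$i/topology/thread_siblings_list"
        i=$((i + 1))
    done
}

tmp=$(mktemp -d)
for m in on off; do
    make_sample_tree "$tmp/$m" "$m"
    if smt_exposed "$tmp/$m"; then verdict="cores shared by sibling threads"
    else verdict="one thread per core"; fi
    echo "control=$(smt_control "$tmp/$m"): $verdict"
done
rm -rf "$tmp"
```

On a real Linux host, call `smt_control /sys` and `smt_exposed /sys`; a kernel without the `smt/control` file reports `unknown`, and the sibling lists then decide.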
    • #230259

      Well, this does not sound like the good news I am always hopeful for at the start of a new week.

      SMT/Hyperthread is a term of art for Intel’s implementation of “hyperthreading”, which is one way that many chips (known as computer processing units (CPUs), the ones that do the actual number crunching in a computer) process data in parallel to do it faster.

      I have no idea how one could disable a part of a CPU’s circuitry. I’ll probably be better off worrying about something else I can actually do, instead, and keep my fingers crossed (as usual). But I hope that there is something less basic that one can do to fix this, preferably something maybe even I can do.

      Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      • #230271

        HyperThreading (Intel’s version of SMT) can be disabled in the BIOS – expect a decrease of outright performance of up to ~20% but with less heat produced, the performance hit should be negligible at norm/average CPU usage.

        3 users thanked author for this post.
      • #230351

        And note that some Intel Core processors don’t have HyperThreading. My (2011) i5 (Haswell, I think) desktop doesn’t. A quick Search of articles on the Core i-series indicates that the higher i-numbers do, the lower ones generally don’t. And Desktop vs Laptop versions differ too. Research of the specific processor of interest may be necessary. Caveat: This information may be misleading or archaic.

        1 user thanked author for this post.
    • #230293

      According to zdnet (and other sources), this vulnerability was considered of limited scope, affecting Skylake and Kaby Lake; an Intel response:

       
      Intel CPUs impacted by new PortSmash side-channel vulnerability

      Vulnerability confirmed on Skylake and Kaby Lake CPU series. Researchers suspect AMD processors are also impacted.

      By Catalin Cimpanu | November 2, 2018

       

      Intel received notice of the research. This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.

       
      Read the full article here

      3 users thanked author for this post.
    • #230309

      One of many informative related Twitter threads:

      2 users thanked author for this post.
    • #230343

      I wonder if this problem is shared by all SMT architectures or just the “full 2-way” ones … AMD Bulldozer is a partial SMT, IBM POWER7 is 4-way, current Oracle SPARC is some weird 8/2 hybrid…

      Also I wouldn’t consider this general category of vulnerability very surprising after Colin Percival’s paper in BSDCan 2005… anyone else?

    • #230356

      Seems this vulnerability may not be something for the average user to lose sleep over. From Sophos: https://nakedsecurity.sophos.com/2018/11/05/portsmash-attack-steals-secrets-from-intel-chips-on-the-side/

      “If you’re simply using a desktop or laptop PC for routine stuff like gaming, browsing and productivity apps, then not much. This attack involves executing code on your machine, and if an attacker is able to do that you’re already in trouble because they can use their code to get at your information in other, easier ways.

      The real danger here is for those running lots of workloads from different people on the same machine. Multi-tenant cloud environments would be a key target. However, the attacker would still have to get their thread running on the same physical core as the program they wanted to snoop on.

      Intel said in a statement widely issued to the press that it was up to developers to create more secure software to stop people abusing this feature:

      Software or software libraries can be protected against such issues by employing side channel safe development practices.

      Colin Percival, formerly security officer for the FreeBSD OS, tweeted more advice about this, explaining that this concept has been known about for years, and that good coding practices are crucial.

      The defence against PortSmash is exactly the same as the defence against microarchitectural side channel attacks fr… twitter.com/i/web/status/1…


      Colin Percival (@cperciva) November 02, 2018

      OpenSSL has already issued a patch to solve the problem, and hopefully this will prompt other developers to ensure that they are coding securely to avoid dropping side-channel secrets.”

      Win10 Pro x64 22H2, Win10 Home 22H2, Linux Mint + a cat with 'tortitude'.

      1 user thanked author for this post.