Lord of the Ring (s): The New Vulnerability Discovered in Intel Processors

Today we ran into the Lord of the Ring (s) (LOTR) vulnerability in Intel processors, a nod to the Lord of the Rings movie, and this nod is due to a vulnerability linked to the interconnection rings of the processors of the blue company, although in this specific case, it is not critical due to the difficulties that attackers would have to face to access the information.

Those responsible for publicizing this vulnerability were Ph.D. student Riccardo Paccagnella, Master's student Licheng Luo, and Adjunct Professor Christopher Fletcher, all from the University of Illinois at Urbana-Champaign. Together, they investigated the operation of CPU ring interconnects and found that they can be abused for side-channel attacks. The result is that one application can deduce the private memory of another and sniff out the user's keystrokes.

"It is the first attack that takes advantage of the contention in the interconnection between the cores of Intel CPUs," Riccardo told The Register newspaper. "The attack is not based on memory sharing, cache pools, core-private resources, or any specific uncore structure. As a consequence, it is difficult to mitigate with existing side-channel defenses ."

With that knowledge, they discovered that they could leak cryptographic key bits from RSA and EdDSA implementations, which are already known to be vulnerable to side-channel attacks. They also showed that they could monitor keystrokes, which, based on previous research, can be used to reconstruct typed passwords, as well as a privacy breach.

The challenge faced by the researchers was twofold: First, Intel hasn't provided many details about how its CPU ring bus works. Therefore, significant reverse engineering work was required.

Second, its attack is based on contention, which in this case involves monitoring latency when different processes access memory at the same time. This observation is difficult because there is a lot of noise to identify and filter, and significant events, such as private cache leaks (when a system looks for data in a cache that is not there), are not as common.

Riccardo said the two attacks demonstrated to involve a local attacker running unprivileged code on the victim's machine, such as malware hidden in a software library or an application that spies on other programs or users. He said that a cloud-based scenario, where the adversary is an administrator or co-tenant of a shared system, may also be possible, but both he and his partners preferred not to make that claim because the demo attacks were run in an environment. not virtualized and have not been tested under other circumstances.

The cryptographic attack assumes that Simultaneous Multi-Threading (SMT) has been disabled, that the last-level cache (LLC) has been partitioned to defend against multi-core cache-based attacks, and that memory sharing between security domains has been deactivated. It also assumes that the system is configured to clear the target's cache footprint to prevent cache-based preemptive scheduling attacks.

"Intel classified our attack as a 'traditional side channel' (like TLBleed, Portsmash, etc.)," ​​said Paccagnella. "They treat this class of attacks differently than the class of 'speculative execution / transient execution attacks' (such as Specter, Meltdown, etc.). That is, they do not consider traditional side-channel attacks as a significant value for an attacker and already published their suggested guide on how to mitigate them. "

"True constant-time code can be difficult to implement in practice. Additionally, additional hardware support will be needed to achieve 'domain isolation' in the ring interconnect."