In order to develop defense mechanisms, MIT researchers studied the weak point of Intel Xeon and Intel Core X server processors. They discovered how to attack the component that manages the interconnection between the cores to steal data like keys cryptographic.
In recent years, manywere discovered within forcing manufacturers to review their architecture for subsequent generations, and also to work in particular with to set up a workaround directly at the operating system level. However, one of the elements of the processors, which is however connected to all the components on the chip, is rather little studied.
for multicore servers are complex chips, with many elements. Each core is actually a processor in itself, with its own . The chip also has a common cache for all cores. When one of the cores needs information in the common cache memory, or that of one of the other cores, it must go through the interconnect, a dedicated component to regulate the traffic.
A sophisticated but very real attack
Until now, cybersecurity researchers have judged any possibility of an attack targeting the interconnection as unlikely because it is too complex. However, researchers from in the United States have just discovered that it is possible to use the Mesh Interconnect Architecture which replaced the previous interconnect (Ring Architecture) in 2017, to steal sensitive data from such as a password or cryptographic key.
It is by measuring this latency that they manage to extract information from the software running on these cores.
Whenever two cores simultaneously attempt to access information that is not in their own cache memory, the interconnect will have to prioritize one or the other, creating delays. It is by measuring this latency that they manage to extract information from the software running on these cores.
Researchers first had to create programs that intentionally access cache memory located outside the cores on which they run. This allowed them to map the interconnect, and thus create an operating model, and even determine which cores are most vulnerable to. They can then steal information bit by bit and have managed to extract the of two different programs.
An attack that only targets servers?
The good news is that this study focused on Intel server processors that have a different architecture than theGeneral public. The same attack should therefore not work on a simple PC where the Mesh Interconnect Architecture is not present. However, if a server is affected, criminals could of a large number of users.
The researchers used their model to find two methods that administrators can put in place to limit the risk of attack. The first is to determine which cores are most exposed to this kind of attack, and to run the most sensitive programs on the less vulnerable cores. The second strategy is to reserve the cores located around the one executing a sensitive program. By only running approved programs on these cores, an intruder will not be able to attempt to monitor the sensitive program.