

Researchers have devised a new method that allows potential attackers to leak sensitive information such as encryption keys from the Linux kernel's memory and Intel SGX enclaves. The attack, dubbed PLATYPUS, abuses a legitimate CPU interface for monitoring and controlling the power consumption.

"Using PLATYPUS, we demonstrate that we can observe variations in the power consumption to distinguish different instructions and different Hamming weights of operands and memory loads, allowing inference of loaded values," the team of researchers from the Graz University of Technology, the University of Birmingham in the UK, and CISPA Helmholtz Center for Information Security said on a website dedicated to the attack. "PLATYPUS can further infer intra-cacheline control flow of applications, break KASLR, leak AES-NI keys from Intel SGX enclaves and the Linux kernel, and establish a timing-independent covert channel."

Power consumption as side channel

Over the past several years researchers have identified several features in modern CPUs that can be used as a side channel to extract sensitive information from computers. Side-channel attacks involve analyzing differences in how computer systems and their components behave when performing various operations on different types of data. For example, differences in the timings between cryptographic operations can be used to reconstruct secret keys bit by bit. Similarly, keystrokes can be reconstructed by analyzing the sounds between key presses. Side-channel attacks can be slow because they require many observations and their success depends on the amount of input/output noise in the measurements.

One side-channel method is called differential power analysis and involves analyzing the variations in a system's power consumption when performing operations. This type of attack usually requires physical access to the target system, but that's not the case for PLATYPUS because it relies on Intel's Running Average Power Limit (RAPL) interface, which is accessible through OS drivers. RAPL is the equivalent of a built-in power meter and is present in Intel CPUs starting with the Sandy Bridge (second generation) microarchitecture. It also exists in AMD CPUs since the Zen microarchitecture, and CPUs from ARM and NVIDIA also have on-board energy meters. While PLATYPUS was developed for and confirmed on Intel CPUs, processors from other manufacturers might also be vulnerable to some variation of this attack method.

The attack was particularly bad on Linux systems, because the powercap framework of the Linux kernel allowed unprivileged access to the RAPL interface, which means any malicious application could potentially abuse it. In response to PLATYPUS, which is tracked as CVE-2020-8694 and CVE-2020-8695, the Linux kernel developers released a security update that revokes unprivileged access to energy consumption data. On Windows and macOS, reading measurements from RAPL requires users to install the Intel Power Gadget, so the risk of leaking data from the kernel memory space by unprivileged applications is mitigated by default.

However, there is one scenario where PLATYPUS has a devastating impact, even when privileged access is required to execute it: the Intel SGX secure enclave. Intel SGX is a memory isolation technology present in modern Intel CPUs that implements a trusted execution environment (TEE) that's supposed to keep certain data secure even in the case of a complete OS compromise. Intel SGX is meant to protect cryptographic keys at all times because operations using those keys are performed in the secure environment that is completely separate from the OS and has its own isolated memory space. In other words, an attacker who obtains access to the OS kernel's memory does not also gain access to the SGX memory.

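An added example, not part of the original article: a shell check for the Linux mitigation described above, confirming that the powercap energy counters are not readable by unprivileged users. It assumes GNU `stat` and the sysfs layout `/sys/class/powercap/<zone>/energy_uj`; the function name `audit_rapl` and the `--check` switch are made up for this example.

```shell
#!/bin/sh
# Added example: audit RAPL energy counters exposed through powercap sysfs.
# Assumption: each power zone appears as <root>/<zone>/energy_uj.

# audit_rapl [ROOT]
# Prints "EXPOSED <mode> <path>" for counters with the other-read bit set
# (readable by any local user) and "OK <mode> <path>" otherwise.
# Returns 1 if at least one counter is exposed, 0 if none are.
audit_rapl() {
    root=${1:-/sys/class/powercap}
    exposed=0
    for f in "$root"/*/energy_uj; do
        # If the glob matched nothing it stays literal; skip it.
        [ -e "$f" ] || continue
        # Octal permission bits of the file (symlinks followed).
        mode=$(stat -L -c '%a' "$f") || continue
        # Leading 0 makes the shell read the mode as octal; 004 = other-read.
        if [ $(( 0$mode & 004 )) -ne 0 ]; then
            echo "EXPOSED $mode $f"
            exposed=1
        else
            echo "OK $mode $f"
        fi
    done
    return "$exposed"
}

# Audit the live system only when asked: sh rapl_audit.sh --check
if [ "${1:-}" = "--check" ]; then
    audit_rapl
fi
```

A non-zero exit status from `--check` means at least one energy counter can still be read without privileges, which is the condition the kernel update removes.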