IACR News item: 30 November 2015
Gorka Irazoqui, Thomas Eisenbarth, Berk Sunar
ePrint Reportacross dierent computing domains, ranging from high-end
multi-tenant cloud servers to low-power mobile platforms.
The denser integration of CPUs creates an opportunity for
great economic savings achieved by packing processes of
multiple tenants or by bundling all kinds of tasks at vari-
ous privilege levels to share the same platform. This level
of sharing carries with it a serious risk of leaking sensitive
information through the shared microarchitectural compo-
nents. Microarchitectural attacks initially only exploited
core-private resources, but were quickly generalized to re-
sources shared within the CPU.
We present the first fine grain side channel attack that works
across processors. The attack does not require CPU co-
location of the attacker and the victim. The novelty of
the proposed work is that, for the first time the directory
protocol of high efficiency CPU interconnects is targeted.
The directory protocol is common to all modern multi-CPU
systems. Examples include AMD\'s HyperTransport, Intel\'s
Quickpath, and ARM\'s AMBA Coherent Interconnect. The
proposed attack does not rely on any specic characteristic
of the cache hierarchy, e.g. inclusiveness. Note that in-
clusiveness was assumed in all earlier works. Furthermore,
the viability of the proposed covert channel is demonstrated
with two new attacks: by recovering a full AES key in
OpenSSL, and a full ElGamal key in libgcrypt within the
range of seconds on a shared AMD Opteron server.
Additional news items may be found on the IACR news page.