International Association
for Cryptologic Research

Multi-processor systems are becoming the de-facto standard

across dierent computing domains, ranging from high-end

multi-tenant cloud servers to low-power mobile platforms.

The denser integration of CPUs creates an opportunity for

great economic savings achieved by packing processes of

multiple tenants or by bundling all kinds of tasks at vari-

ous privilege levels to share the same platform. This level

of sharing carries with it a serious risk of leaking sensitive

information through the shared microarchitectural compo-

nents. Microarchitectural attacks initially only exploited

core-private resources, but were quickly generalized to re-

sources shared within the CPU.

We present the first fine grain side channel attack that works

across processors. The attack does not require CPU co-

location of the attacker and the victim. The novelty of

the proposed work is that, for the first time the directory

protocol of high efficiency CPU interconnects is targeted.

The directory protocol is common to all modern multi-CPU

systems. Examples include AMD\'s HyperTransport, Intel\'s

Quickpath, and ARM\'s AMBA Coherent Interconnect. The

proposed attack does not rely on any specic characteristic

of the cache hierarchy, e.g. inclusiveness. Note that in-

clusiveness was assumed in all earlier works. Furthermore,

the viability of the proposed covert channel is demonstrated

with two new attacks: by recovering a full AES key in

OpenSSL, and a full ElGamal key in libgcrypt within the

range of seconds on a shared AMD Opteron server.