New AMD processor bug breaks encryption


AMD processors have yet another flaw, it has been revealed. Researchers say they have shown “Take A Way” techniques to steal private AES keys, leak kernel memory, set up hidden cloud channels, and other dirty and dark acts.

AMD seems to have its head in the sand: It’s just telling people that there is nothing to see here. But the team that discovered the flaw says the chipmaker’s response is hokum.

These are not just any old researchers. These are the same academics behind Meltdown, Specter, ZombieLoad, etc.

“Use safe IT practices”, is AMD’s ostrich-like advice. In today’s SB Blogwatch, we try not to panic (again).

Your humble blogger has curated these pieces of blogging for your entertainment. Without forgetting: the DIY ASMR.

What is the craic? Paul Alcorn Reports: “New AMD Side Channel Attacks Discovered”:

A new article … details two new “Take A Way” attacks … which can reveal secret data from AMD processors by manipulating the L1D cache predictor. The researchers claim [it] impacts all AMD processors from 2011 to 2019.

AMD’s two vulnerabilities focus on side channel approaches, in this case a Specter-based attack. … Researchers exploited the vulnerability through JavaScript running on Chrome and Firefox browsers, and… gained access to AES encryption keys.

The university says it disclosed the vulnerabilities to AMD on August 23, 2019 … but there is no solution yet. … AMD responded to [my] requests with notice [that] is a bit nebulous [and] does not indicate any mitigation measures for the attack in question. [AMD] says there are no new mitigation measures required [but] researchers disagree.

And Catalin Cimpanu adds: “Academics reveal new Collide + Probe and Load + Reload attacks”:

The two new attacks impact the security of data processed inside the CPU and allow the theft of sensitive information or the degradation of security features. … The company has not released any firmware updates … claiming that these “are not new attacks based on speculation,” a statement the research team disagrees with.

The two new attacks were discovered after a team of six academics reverse engineered [the] hash function that AMD processors use to handle μTag entries in the L1D cache way prediction mechanism. … Introduced in AMD processors in 2011 [it] reduces power consumption by improving the way the processor handles data cached in its memory.

But attacks against CPUs and their caches have been detailed for many years now. What makes them really dangerous is if they can be exploited in the wild. … The Collide + Probe and Load + Reload bugs… can be exploited in real world scenarios… without the need for physical access.

The researchers said they broke the ASLR kernel on a fully updated Linux system, but also ASLR for operating systems and applications running inside hypervisors. … They said… the data exfiltration speed was clocked at 588.9 kB / s.

It’s pretty fast. Article by Moritz Lipp et al on vulnerabilities – “Exploring the Security Implications of AMD’s Cache Way Predictors”:

We reverse engineered AMD’s L1D cache path predictor… resulting in two new attack techniques. … Collide + Probe makes it possible to monitor memory accesses on the current logic core without knowing the physical addresses or the shared memory.

With Load + Reload, we exploit the predictor in order to obtain very precise memory access traces of victims on the same physical core. Although Load + Reload relies on shared memory, this does not invalidate the
cache line, allowing more stealthy attacks that do not induce any last-level cache eviction.

And Daniel Gruss—@lavados wash the details:[You’re fired—Ed.]

I am one of the authors. … This statement from AMD denies something we have never claimed.

Predictors are dangerous if an opponent can observe speculative trading. Way predictors seem less dangerous than branch predictors at the moment. But also, branch predictors seemed much less dangerous before Specter’s discovery.

Meltdown was a much stronger attack and have you heard of anyone attacked with it? I do not have.

Meltdown and Specter use secondary channels as their communication channel. There are many different side channels. Meltdown and Spectrum can use any wholesale side channel. This is a new secondary channel. It is not a variation of Meltdown or Specter.

Take A Way is a side channel, it’s not a weaker form of transient execution attack, it’s just something orthogonal.

Intel has funded part of my research group for the past 2 years. During this time, we have published over 14 articles with a co-author funded in this way. Of these, 10 find flaws in Intel processors. … I am happy that my funding sources do not restrict my academic freedom and independence.

So should we be worried? spth analyzes three of the researchers’ case studies:

“Secret Channel”… allows entities to communicate that should not (for example, communication between two virtual machines on the same host). … Could be a staple in other attacks.

Breaking the randomization of the address space layout… doesn’t seem dangerous in itself, but negates an important countermeasure against… attacks, so useful as a building block.

“Attacking AES T-Tables”… seems like a big deal to me. … They were able to recover 99.7% of the bits of an AES key from OpenSSL… which means that for all practical purposes, they got the key. And I guess the attack will be used in the same way in the future to further attack crypto.

OK now I’m worried. Don’t be, says atq2119:

I kind of agree with AMD’s assessment. … The attacks described in the document all take the form of setting up an L1 cache structure in some way or another to induce collisions with other threads (or with the kernel running in the same thread), then measure when the collisions occurred in order to deduce bits from the memory addresses accessed by the other thread (or the kernel).

This type of attack has been known for a long time. … It seems generally accepted that it is the responsibility of the software to guard against this kind of attack.

Making it easier to break the ASLR seems to be the biggest potential issue here, and I’m not sure that’s really a problem.

And here is AMD’s fanbois. For example, Metal Messiah is there to shave us:

In fact, the vast majority of “speculative execution” attacks do not impact AMD, with a few exceptions. … AMD processors seem to have considerably upper resiliency against speculative execution attacks compared to Intel.

Ho hum. Spectramax has seen it all:

Aside from the marketing of Intel (horrible) and that of AMD (horrible again) and their fan bases (toxic), can we recognize the fact that working on an IT architecture is an extraordinarily complex task… which requires brilliant people all working together?

During this time, EETech1 looks to the future:

Soon you will be able to order different references for the same processor; one will impose hard limits on everything, the other will be 10 times faster while potentially giving access to your data to optimize calculations per second / watt.

And finally:


Previously in And finally

have you read SB Blogwatch by Richi Jennings. Richi curates the best blogs, the best forums, and the weirdest websites… so you don’t have to. Hate mail can be addressed to @RiCHi Where [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Open Grid Scheduler (PD)

– Richi Jennings


Leave A Reply