Hyperthreading under scrutiny with new TLBleed crypto key leak

by Peter Bright, from Ars Technica
Image: A shiny wafer full of Kaby Lake refresh parts. (credit: Intel)

Last week, developers on OpenBSD, the open source operating system that prioritizes security, disabled hyperthreading on Intel processors. Project leader Theo de Raadt said that a research paper due to be presented at Black Hat in August prompted the change, but he would not elaborate further.

The situation has since become a little clearer. The Register reported on Friday that researchers at Vrije Universiteit Amsterdam in the Netherlands have found a new side-channel vulnerability on hyperthreaded processors that's been dubbed TLBleed. The vulnerability means that processes that share a physical core, but which are using different logical cores, can inadvertently leak information to each other.

In a proof of concept, researchers ran a program calculating cryptographic signatures using the Curve 25519 EdDSA algorithm implemented in libgcrypt on one logical core and their attack program on the other logical core. The attack program could determine the 256-bit encryption key used to calculate the signature with a combination of two milliseconds of observation, followed by 17 seconds of machine-learning-driven guessing and a final fraction of a second of brute-force guessing.
