Student Raises the Specter of an Attack on Intel Chips

 
 
By John G. Spooner  |  Posted 2005-05-16 Print this article Print
 
 
 
 
 
 
 

Updated: A computer science researcher uncovers a new type of attack that could hit servers running Intel processors with Hyperthreading.

Companies running servers based on certain Intel Corp. chips could come under attack from the inside, due to a new type of software timing attack. A research paper released on Friday by Oxford University computer science student Colin Percival details a method by which an attacker could heist cryptography keys on servers running Intel processors with Hyperthreading.
Hyperthreading technology runs two threads or streams of data, making computer software view a single processor as two.
The exploit Percival details takes advantage of the threads shared access to memory caches within the processor to interpret data thats being processed and thus lift the keys. A software timing attack basically watches the behavior of a computer in an effort to expose protected information. "We demonstrate that this shared access to memory caches provides not only an easily used high bandwidth covert channel between threads, but also permits a malicious thread (operating, in theory, with limited privileges) to monitor the execution of another thread, allowing in many cases for theft of cryptographic keys," Percival writes in an abstract explaining the paper, which was posted to his Web site. Percivals paper, based around his tests of a 2.8GHz Pentium 4 processor with Hyperthreading, outlines a new type of software timing attack that could be used to divine cryptographic keys on at least one type of specifically configured Intel-processor machine, Intel spokesman Howard High acknowledged. Percival contends in the paper that the exploit should work on any type chip with a similar, multi-thread and memory cache design. Intel, with which High said Percival shared a draft of the paper, has been working with operating system vendors to add safeguards against the type of attack, the Intel spokesman said. Software timing attacks, and particularly the method discovered by Percival, could harbor somewhat dangers for companies, said Rick Fleming, chief technology officer at Digital Defense Inc., in San Antonio, Texas. Instead of being executed from the outside, such an attack is more likely to be mounted from the inside, such as by a company employee attempting to winnow away cryptographic keys and use them to pilfer other data from a specific server. Next Page: A technically feasible approach.



 
 
 
 
John G. Spooner John G. Spooner, a senior writer for eWeek, chronicles the PC industry, in addition to covering semiconductors and, on occasion, automotive technology. Prior to joining eWeek in 2005, Mr. Spooner spent more than four years as a staff writer for CNET News.com, where he covered computer hardware. He has also worked as a staff writer for ZDNET News.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel