[Cryptography] 33C3: cash :-) attacks !

Ian G iang at iang.org
Sat Jan 14 07:46:04 EST 2017 

On 10/01/2017 01:29, Kevin W. Wall wrote:

> On Sun, Jan 8, 2017 at 2:27 PM, Henry Baker <hbaker1 at pipeline.com> wrote:
>> FYI --
>>
>> https://media.ccc.de/v/33c3-8044-what_could_possibly_go_wrong_with_insert_x86_instruction_here
>>
>> https://cdn.media.ccc.de/congress/2016/h264-hd/33c3-8044-eng-What_could_possibly_go_wrong_with_insert_x86_instruction_here.mp4
>>
>> (55 mins; 327 MBytes)
>>
>> "What could possibly go wrong with <insert x86 instruction here>?
>> Side effects include side-channel attacks and bypassing kernel ASLR"
>>
>> Clémentine Maurice and Moritz Lipp
> So I just finished watching this. My initial thought is that between
> this, rowhammer, FBI Rule 41, and NSLs, we are all pretty much screwed
> as TLAs and nation states are pretty much always going to be able to
> do this.
>
> It still seems like a pretty esoteric attack that is unlikely to be most
> attacker's _first_ choice, but as I don't see any simple mitigation for this--
> short of disabling cache, which no one is likely to do except in very
> rare cases--it seems like this is always going to be available as a last
> resort and AV is not going to be able to detect it.
>
> So what, if anything, do we do? Timing attacks are rare IRL, but
> usually that's because there's almost always some easier way in. Since
> I work in appsec, I'm always more interested in what we can do to
> manage the risk. Any ideas?
>
> -kevin

55 minutes of fun!

Two of the attacks (at least) rely on shared libraries which results in 
a shared cache area in LLC (last level cache), and the dramatic 
difference between a cache hit and a cache miss for memory access. The 
attacker can watch what happens to his view of the cash.  Or, the 
attacker can pre-load the cache and see how the victim responds.

   ==> So, if we turn off shared libraries ... does that mitigate those 
attacks?

Their target attack focussed on AES T-Tables which have pre-computed 
look-up tables, which turn keys into indexes.  Listen and profit!

   ==> Back to pure code algorithms?

The attack(s) are statistically measurable by looking at the high cache 
activity.  But they were able to slow down the attack and tune for 
stealth, and avoid the detection.

The attack on the android keyboard/password is again a table-lookup.  By 
identifying the table in the code, they were able to attack the 
addressing and reverse the locations of the key presses, leading to the 
letters being pressed.

   ==> passwords without table look-ups?

The covert channel description of delivering 0s and 1s via cache 
stuffing "prime & probe" is really fun.  I'm not convinced it is 
realistic but it's a great example of sexing up a presentation. 
40-75KBps between AWS vms allowed them to mount an SSH connection over 
the covert channel.

They also exploited direct kernel direct memory mapping to reverse out 
the physical addresses from virtual addresses.  Allows attacker to find 
kernel drivers.  Point of this was not clear to me, it related to other 
attacks.

And a bunch of other attacks related to other instructions.  Their 
conclusion was that there is so much leakage going on with many 
instructions that simple instruction level mitigations won't help.

   == Don't use VMs?

Not sure how well this will work with mobile phones...



iang

More information about the cryptography mailing list