News this year surrounding the Meltdown and Spectre CPU vulnerabilities has sparked a wider discussion on side channel attacks. These threats are difficult to mitigate and hard to detect, which makes them especially attractive to criminals. They are also likely to remain a threat for a long time.
A side channel attack targets security flaws in a computer’s physical implementation, rather than targeting a flaw in the processes running on a computer. A criminal probably won’t attempt every possible lock combination to open a bank’s vault door. Instead, he might try melting the hinges off with a blowtorch or drilling through a weak point in the door. These tactics completely bypass the security mechanism. These are obviously not the intended means of accessing the vault, hence it is a side channel.
Similarly, clever hackers rarely attack a computer security mechanism directly. Brute forcing a strong password by attempting every possible combination is a mathematically daunting task. Cracking an encrypted message—even with an exceptionally powerful computer—could take thousands of years. Finding insecurely stored passwords or dumping credentials would be a less time-consuming strategy with a greater chance of success.
Side channel attacks that target hardware take this line of thinking a step further. Computers have physical components that emit heat, discharge electricity, radiate radio waves, and generate sound during normal use. These emissions can signal the underlying processes running on the machine. If those processes handle sensitive information, that can undermine the confidentiality of the system. Similarly, if those emissions can be manipulated somehow, then an attacker could gain access through unconventional means.
These are some examples of how the physical implementation of a machine can be abused by criminals:
The time it takes for a computer to complete a task can sometimes give away sensitive information. Timing attacks leverage limits in processing speed to undermine security. Here’s an example: Suppose you are a criminal and you have a banking app you want to break into. You don’t know the PIN, but you understand the authentication mechanism and that the PIN is only nine digits. There are 10^9 possible combinations, which is 1 billion possibilities. This bank app compares the number you enter with the real PIN one digit at time from left to right. If the first digit is correct, it will move on to the second, then third, and so on. The first mismatch it hits will result in an authentication failure. This means that the longer it takes for an authentication failure, the closer you are to guessing the correct PIN. This drastically reduces the combinations you would need to attempt, since all you would have to do is measure the time it takes to get a failure. This shrinks the number of possible combinations from 1 billion to a mere 900.
Computer components rely on electricity to function. As these components grow smaller and ever closer together it becomes more difficult to prevent their electrical discharges from affecting one another. Rowhammer exploits are a class of side channel attacks that leverage this technical problem to undermine security. Put simply, computer memory consists of tiny cells tightly packed together in rows. A rowhammer attack rapidly flips—or hammers—these cells between states. This causes an electrical discharge that might change the state of surrounding memory cells. This can cause an escalation of privilege where an attacker can access parts of the system that are typically forbidden. Nethammer, the most recent evolution of this exploit, can be accomplished over a network connection.
Computers make a lot of noise. Between the humming of the drive and the tapping of the keyboard, these sounds can give away what is happening on the system. In 2004, researchers at Berkeley demonstrated how to differentiate the sounds of individual keys on a keyboard and recognize which keys are being pressed. In 2010, German researchers assessing the acoustic quality of dot matrix printers found they could uncover what they were printing. This is called acoustic cryptanalysis, and if you think that sounds like a James Bond-esque spying technique, it is. In 1956, the British intelligence agency MI5 intercepted encrypted communications between Egypt and Soviet Union by analyzing the sounds their encoding machines were making.
There are some defenses that can mitigate these kinds of attacks. For example, randomizing the time intervals of certain processes would frustrate a timing attack. Similarly, deliberately adding processes to create random noise would make acoustic cryptanalysis more difficult. Hardening the physical components of memory against electrical discharge would foil a rowhammer attack.
The uncomfortable truth about side channel attacks is that they are here to stay. Save a drastic and expensive effort to overhaul how computers are made, there is never going to be a day where the physical level is completely bulletproof. This underscores the importance of a defense-in-depth (DID) approach towards cybersecurity. A DID approach assumes at least two levels of defense will fail. This mitigates for unpredicted and subtle attacks like these.
Author: Louis Papa
Silent Storm Security Contributor | Security Engineer