DRAM side channels?
• row buffers are caches
• we can observe timing differences
• how to exploit these timing differences?
• target addresses in the same channel, rank and bank
• but DRAM mapping functions are undocumented → we reverse-engineered them!
https://github.com/IAIK/drama
P. Pessl et al. “DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks”. In: USENIX Security Symposium. 2016.
DRAMA: DRAM Addressing attacks
• infer behavior from memory accesses similarly to cache attacks
• works across VMs, across cores, across CPUs
• covert channels and side-channel attacks
• covert channel: two processes communicating with each other
  • not allowed to do so, e.g., across VMs
• side-channel attack: one malicious process spies on benign processes
  • e.g., spies on keystrokes
DRAMA covert channel
[Figure: one DRAM bank with its rows and the row buffer; the animation steps are summarised below]
• sender and receiver agree on one bank
• receiver continuously accesses a row i
• case #1: sender transmits 1
  • sender accesses row j ≠ i (activate, copy row j into the row buffer)
  • next receiver access → copy row buffer → slow
• case #2: sender transmits 0
  • sender does nothing
  • next receiver access → already in buffer → fast
Two applications can covertly communicate with each other.
But can we use that for spying?
DRAMA side-channel attacks
[Figure: one DRAM bank with its rows and the row buffer; the animation steps are summarised below]
• spy and victim share a row i
• case #1
  • spy accesses row j ≠ i, copy to row buffer
  • victim accesses row i, copy to row buffer
  • spy accesses row i, no copy → fast
• case #2
  • spy accesses row j ≠ i, copy to row buffer
  • no victim access on row i
  • spy accesses row i, copy to row buffer → slow
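The two animations above (covert channel and side channel) both reduce to one rule: a DRAM bank keeps exactly one row open in its row buffer, a hit is fast and a miss (activate plus copy) is slow. The following JavaScript model is an added example, not code from the slides or from the IAIK/drama repository; it replays both sequences against a toy bank so the decoded bits can be checked. Row numbers, the strings "fast"/"slow" and the function names are constructed for the illustration and stand in for the timing measurement a real channel would need.

```javascript
// Toy model of one DRAM bank with a single row buffer (constructed example).
class Bank {
  constructor() {
    this.openRow = null; // row currently held in the row buffer (none at start)
  }
  // Access a row: a row-buffer hit is fast, a miss forces activate + copy (slow).
  access(row) {
    if (this.openRow === row) return "fast";
    this.openRow = row; // activate: the row buffer now holds this row
    return "slow";
  }
}

// Covert channel (slide 14): sender and receiver agree on one bank and rows i != j.
// The receiver keeps row i open; a sender access to row j closes it, so the
// receiver's next access is slow. slow => 1, fast => 0.
function covertChannel(bits, rowI = 1, rowJ = 2) {
  const bank = new Bank();
  bank.access(rowI); // receiver primes the row buffer with its own row
  const received = [];
  for (const bit of bits) {
    if (bit === 1) bank.access(rowJ); // sender transmits 1 by evicting row i
    // sender transmits 0 by doing nothing
    received.push(bank.access(rowI) === "slow" ? 1 : 0); // receiver measures
  }
  return received;
}

// Side channel (slide 16): spy and victim share row i. The spy evicts row i by
// touching row j, lets the victim run, then probes row i: a fast probe means the
// victim re-opened row i in between, a slow probe means it did not.
function sideChannel(victimAccesses, rowI = 1, rowJ = 2) {
  const bank = new Bank();
  const observed = [];
  for (const victimTouchesRow of victimAccesses) {
    bank.access(rowJ);                        // spy: push row i out of the row buffer
    if (victimTouchesRow) bank.access(rowI);  // victim activity (or none)
    observed.push(bank.access(rowI) === "fast"); // spy probes row i
  }
  return observed;
}

// Usage: a constructed bit string round-trips through the covert channel, and
// the spy recovers the victim's access pattern through the side channel.
console.log("covert:", covertChannel([1, 0, 1, 1, 0, 0, 1]).join(""));
console.log("side  :", sideChannel([true, false, false, true]));
```

The model is deliberately noise-free; on real hardware other processes touching the same bank also close the row, which is why the slides profile the row-hit ratio per address rather than trusting single accesses.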
Spying on keystrokes on the Firefox URL bar
• side-channel: template attack
• allocate a large fraction of memory to be in a row with the victim
• profile memory and record row-hit ratio for each address
[Figure: access time (y-axis, 150 to 300) over time in seconds (x-axis, 0 to 14) while “www.facebook.com” is typed, with the typed characters marked along the time axis]
I’m sure we’ll need to write a lot of C code.
At least we’re safe with JavaScript!
Member Rowhammer.js?
DRAM covert channels in JavaScript?
Why JavaScript?
• JavaScript is code executed in a sandbox
• can’t do anything nasty since it is in a sandbox, right?
• except side channels are only doing benign operations
  1. accessing their own memory
  2. measuring time
Challenges with JavaScript
1. No knowledge about physical addresses
2. No instruction to flush the cache
3. No high-resolution timers
#1. No knowledge about physical addresses
• OS optimization: use Transparent Huge Pages (THP, 2MB pages)
• last 21 bits (2MB) of the physical address = last 21 bits (2MB) of the virtual address
→ which JS array indices?
#1. Obtaining the beginning of a THP
[Figure: access time [ns] (log scale, 10^2 to 10^6) over array index [MB] (0 to 14)]
• physical pages for these THPs are mapped on-demand → page fault when an allocated THP is accessed for the first time
D. Gruss et al. “Practical Memory Deduplication Attacks in Sandboxed JavaScript”. In: ESORICS’15. 2015.
#1. Choosing physical addresses
• we now know the last 21 bits of physical addresses
• enough for most systems, e.g., Sandy Bridge with DDR3
[Figure: physical address bits ... 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 ..., with the bits used for BA0, BA1, BA2, Rank and Ch. marked]
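Why do 21 known bits suffice when some addressing functions also use higher bits? Two addresses inside the same 2 MB huge page share every bit from 21 upwards, so for an XOR-of-bits function f the difference f(a) ⊕ f(b) depends only on the page offsets, which JavaScript does know. The JavaScript below is an added example, not code from the slides or from the IAIK/drama repository. The bit masks in ASSUMED_FUNCTIONS are a constructed illustration that follows the layout sketched on the slide (channel near bit 6, bank bits 14 to 16, rank bit 17, each XORed with a higher bit); they are an assumption, not the exact functions of any particular CPU, and the function names are likewise invented for the example.

```javascript
// DRAMA-style addressing functions: each DRAM location bit is the XOR (parity)
// of a set of physical address bits. Masks below are CONSTRUCTED for the
// example and only mimic the slide's layout; real functions differ per system.
const ASSUMED_FUNCTIONS = {
  channel: [6],
  ba0: [14, 18],
  ba1: [15, 19],
  ba2: [16, 20],
  rank: [17, 21],
};
const THP_BITS = 21; // a 2 MB transparent huge page fixes the low 21 address bits

// XOR-parity of the selected bits of an address (BigInt so high bits work).
function parity(addr, bits) {
  let p = 0n;
  for (const b of bits) p ^= (addr >> BigInt(b)) & 1n;
  return Number(p);
}

// Full DRAM location of a physical address; only possible when the complete
// physical address is known, which sandboxed JavaScript never has.
function dramLocation(physAddr, fns = ASSUMED_FUNCTIONS) {
  const loc = {};
  for (const [name, bits] of Object.entries(fns)) loc[name] = parity(physAddr, bits);
  return loc;
}

// Function bits that a THP page offset does NOT reveal. For these bits the
// comparison below relies on both addresses lying in the same huge page.
function bitsAboveThp(fns = ASSUMED_FUNCTIONS) {
  return Object.values(fns).flat().filter((b) => b >= THP_BITS);
}

// Same channel/rank/bank test for two offsets inside ONE 2 MB page, knowing only
// the page offsets (= low 21 bits of the physical addresses). Because both
// addresses share every bit >= 21, f(a) XOR f(b) equals the parity of the
// differing low bits, so the unknown high bits cancel out.
function sameDramLocation(offA, offB, fns = ASSUMED_FUNCTIONS) {
  const a = BigInt(offA), b = BigInt(offB);
  const pageSize = 1n << BigInt(THP_BITS);
  if (a >= pageSize || b >= pageSize)
    throw new RangeError("offsets must lie inside one 2 MB huge page");
  const diff = a ^ b; // only bits below 21 can differ
  return Object.values(fns).every((bits) => parity(diff, bits) === 0);
}

// Usage: offsets 0 and 8 KB differ only in column bits (same bank); offset 16 KB
// flips bit 14 and therefore lands in a different bank.
console.log("0 vs 0x2000 same location:", sameDramLocation(0, 0x2000));
console.log("0 vs 0x4000 same location:", sameDramLocation(0, 0x4000));
console.log("function bits not covered by a THP offset:", bitsAboveThp());
```

The defensive reading of this example is the one the slide implies: it is the 2 MB huge page, not the address functions themselves, that hands a sandboxed script the information it needs, so withholding huge pages from untrusted code (or not backing its allocations with them) removes the guarantee that the high bits cancel.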
#2. No instruction to flush the cache
[Figure: CPU core → CPU cache → DRAM]
• measure DRAM timing
• only non-cached accesses reach DRAM
• no clflush instruction → evict data with other memory accesses
#2. Bypassing the CPU cache: Basic idea
[Figure: a cache set filled by successive loads until the target cache line is evicted]
• evicting cache line only using memory accesses
• it’s a bit more complicated than that: replacement policy is not LRU
D. Gruss et al. “Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript”. In: DIMVA’16. 2016.
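The "basic idea" and its caveat can be made concrete with a simulated cache set. The JavaScript below is an added example, not code from the slides or from the Rowhammer.js paper: it models one set of a set-associative cache under a true LRU policy and under a random replacement policy, and measures how often touching `ways` congruent addresses once each evicts a cached target. The random policy is only a stand-in for "not LRU" to show why the naive eviction set stops being reliable; it is not a claim about any real CPU's policy, and all names and the seeded PRNG are constructed for the example.

```javascript
// Tiny seeded LCG so the random policy is reproducible (constructed for the example).
function makeRng(seed) {
  let s = BigInt(seed) & 0xffffffffn;
  return () => {
    s = (1664525n * s + 1013904223n) & 0xffffffffn;
    return Number(s) / 0x100000000; // high bits of the LCG state, in [0, 1)
  };
}

// One set of a set-associative cache. Lines are stored least-recently-used first.
class CacheSet {
  constructor(ways, policy, rng) {
    this.ways = ways;
    this.policy = policy; // "lru" or "random"
    this.rng = rng;
    this.lines = [];
  }
  contains(tag) { return this.lines.includes(tag); }
  access(tag) {
    const idx = this.lines.indexOf(tag);
    if (idx !== -1) {
      if (this.policy === "lru") {            // hit: move to most-recently-used
        this.lines.splice(idx, 1);
        this.lines.push(tag);
      }
      return "hit";
    }
    if (this.lines.length >= this.ways) {     // miss in a full set: pick a victim
      const victim = this.policy === "lru" ? 0 : Math.floor(this.rng() * this.ways);
      this.lines.splice(victim, 1);
    }
    this.lines.push(tag);
    return "miss";
  }
}

// One eviction attempt, as on the slide: the set is full of unrelated data, the
// target is loaded, then `ways` other addresses mapping to the same set are
// touched once each. Returns true if the target is no longer cached.
function evictionAttempt(ways, policy, rng) {
  const set = new CacheSet(ways, policy, rng);
  for (let k = 0; k < ways; k++) set.access(`other-${k}`); // warm the set
  const target = "target";
  set.access(target);                                      // target now cached
  for (let k = 0; k < ways; k++) set.access(`evict-${k}`);  // naive eviction set
  return !set.contains(target);
}

// Fraction of successful evictions over many trials.
function evictionRate(ways, policy, trials = 2000, seed = 42) {
  const rng = makeRng(seed);
  let ok = 0;
  for (let t = 0; t < trials; t++) if (evictionAttempt(ways, policy, rng)) ok++;
  return ok / trials;
}

// Usage: LRU evicts every time; random replacement only about 1 - (7/8)^8 ~ 66%
// of the time for an 8-way set, so a single pass over `ways` addresses is not
// enough and more elaborate access patterns are needed.
console.log("LRU eviction rate   :", evictionRate(8, "lru"));
console.log("random eviction rate:", evictionRate(8, "random"));
```

Under LRU the target is always the least recently used line by the time the last congruent address is loaded, which is the slide's basic idea; any policy that does not preserve that ordering turns eviction into a probabilistic event, which is what the slide's caveat about non-LRU replacement refers to.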