Periodic Reporting for period 4 - SCARE (Side-Channel Aware Engineering)
Reporting period: 2023-06-01 to 2023-11-30
We discovered PortSmash (CVE-2018-5407), a novel microarchitecture SCA technique exploiting port contention in architectures featuring Simultaneous Multi-Threading (SMT). PortSmash constructs a high-resolution timing side channel based on port contention by utilizing SMT execution engine sharing as a source of side-channel leakage. This method is inherently covert because it is not dependent on the memory subsystem.
Beyond research articles, the PortSmash attack attracted considerable public interest.
Intel noted "On November 2nd, researchers from Tampere University of Technology in Finland and Technical University of Havana, Cuba published details and a proof of concept exploit they called PortSmash."
https://www.intel.com/content/www/us/en/developer/articles/news/more-information-portsmash.html
The attack code is available on GitHub; it has 468 stars and 66 forks.
https://github.com/bbbrumley/portsmash
News magazines published stories, e.g. "The new attack method -- named PortSmash -- was discovered by the team of Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan and Nicola Tuveri, based at the Tampere University of Technology in Finland, and Alejandro Cabrera Aldaya of the Universidad Tecnológica de la Habana CUJAE in Cuba."
https://www.techtarget.com/searchsecurity/news/252452053/PortSmash-side-channel-attack-targets-Intel-Hyper-Threading
Our analysis of Mozilla's NSS library represents a significant achievement; it resulted in the following CVEs:
CVE-2020-12401: Timing attack on ECDSA signature generation. During ECDSA signature generation, the padding applied to the nonce to ensure constant-time scalar multiplication was removed, resulting in execution time that depended on secret data.
CVE-2020-6829: P-384 and P-521 vulnerable to an electromagnetic side-channel attack on signature generation. EC scalar point multiplication used the wNAF point multiplication algorithm, which leaked partial information about the nonce used during signature generation. Given an electromagnetic trace of a few signature generations, the private key could have been computed.
CVE-2020-12400: P-384 and P-521 vulnerable to a side-channel attack on modular inversion. When converting coordinates from projective to affine, the modular inversion was not performed in constant time, enabling a timing-based side-channel attack.
CVE-2020-12399: Timing attack on DSA signatures in the NSS library. NSS showed timing differences when generating DSA signatures; these were exploitable and could eventually leak private keys.
CVE-2020-12402: RSA key generation vulnerable to side-channel attack. During RSA key generation, the bignum implementation used a variation of the Binary Extended Euclidean Algorithm, whose control flow is significantly input-dependent. This allowed an attacker to perform electromagnetic side-channel attacks, recording traces that led to the recovery of the secret primes.
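As an added illustration (not NSS code), the following Python contrasts the input-dependent control flow of a Binary Extended Euclidean inversion, the pattern behind CVE-2020-12400 and CVE-2020-12402, with a Fermat inversion whose operation count depends only on the public modulus. The prime 101, the step counters and the helper names are constructed for this example.

```python
# Added illustration, not NSS code. Python integers are not constant-time
# themselves; the point is the control flow: BEEA performs a secret-dependent
# number of halvings and subtractions, the ladder always does the same work.

def beea_inverse(a, p):
    """Binary Extended Euclidean inversion of a mod an odd prime p.
    Returns (inverse, steps); steps counts halvings and subtractions,
    which depend on the value of a (the leak behind CVE-2020-12400/12402)."""
    u, v, x1, x2, steps = a, p, 1, 0, 0
    while u != 1 and v != 1:
        while u % 2 == 0:                    # strip factors of two from u
            u //= 2
            x1 = x1 // 2 if x1 % 2 == 0 else (x1 + p) // 2
            steps += 1
        while v % 2 == 0:                    # strip factors of two from v
            v //= 2
            x2 = x2 // 2 if x2 % 2 == 0 else (x2 + p) // 2
            steps += 1
        if u >= v:                           # data-dependent branch
            u, x1 = u - v, x1 - x2
        else:
            v, x2 = v - u, x2 - x1
        steps += 1
    return (x1 if u == 1 else x2) % p, steps


def ladder_inverse(a, p):
    """Fermat inversion a^(p-2) mod p with a Montgomery ladder: one multiply
    and one square per exponent bit. The exponent p-2 is public, so the
    step count depends only on p, never on the secret a."""
    e = p - 2
    r0, r1, steps = 1, a % p, 0
    for i in range(e.bit_length() - 1, -1, -1):
        if (e >> i) & 1:
            r0, r1 = (r0 * r1) % p, (r1 * r1) % p
        else:
            r1, r0 = (r0 * r1) % p, (r0 * r0) % p
        steps += 2
    return r0, steps


def flow_profile(p, inverse):
    """Distinct step counts observed over every input 1..p-1: a single
    value means the flow is input-independent, several mean it leaks."""
    return {inverse(a, p)[1] for a in range(1, p)}


if __name__ == "__main__":
    P = 101                                   # small constructed prime
    print("BEEA step counts:  ", sorted(flow_profile(P, beea_inverse)))
    print("ladder step counts:", sorted(flow_profile(P, ladder_inverse)))
```

Both routines return correct inverses; only the BEEA profile spreads over many step counts, which is the signal an electromagnetic or timing trace picks up.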
Our primary contribution to this work package is Triggerflow, a dynamic utility designed to track software application execution paths. Triggerflow drives a debugger to evaluate the binary dynamically, aided by source annotations. It is a versatile tool initially created for regression testing in software development as part of Continuous Integration (CI) procedures. Triggerflow was applied to the OpenSSL open-source software project, enabling automated testing to verify that the control flow at runtime adheres to the annotated expectations.
Triggerflow is an execution path tracking tool. Originally developed for dynamic analysis of software for SCA vulnerabilities, it is a development tool that automates the debugger to allow contextual inspection of breakpoints, with false-positive handling to facilitate automated regression testing. Additionally, for OpenSSL, we have a Continuous Integration system powered by Triggerflow, watching for known execution paths vulnerable to SCA. We also submitted two security-related PRs based on the results, now merged in OpenSSL.
We applied PortSmash (CVE-2018-5407), the SMT port-contention technique described above, to steal the private key of an OpenSSL-linked TLS server. We also produced a proof-of-concept artifact demonstrating PortSmash in action against a vulnerable OpenSSL version performing non-constant-time scalar multiplications. We backported the security fix to OpenSSL, now merged.