The SCARE Project accomplished its objective of advancing the comprehension of side-channel attacks and vulnerabilities in contemporary computer systems. The project, which was divided into three distinct Work Packages (WP), not only increased our understanding of extant and emerging side-channel leakage, but also investigated the exploitability of these channels and developed countermeasures for them. The important results, such as the discovery of the PortSmash technique, the vulnerability analysis of Mozilla's NSS library, and the creation of the Triggerflow tool, have significantly advanced the field. We discovered Common Vulnerabilities and Exposures (CVE) span multiple vendors of security-critical real-world products. They also serve as a foundation for future research while actively enhancing the security of extensively used open-source software.
We discovered PortSmash (CVE-2018-5407), a novel microarchitecture SCA technique exploiting port contention in architectures featuring Simultaneous Multi-Threading (SMT). PortSmash constructs a high-resolution timing side channel based on port contention by utilizing SMT execution engine sharing as a source of side-channel leakage. This method is inherently covert because it is not dependent on the memory subsystem.
Outside of research articles, the PortSmash attack attracted considerable public interest.
Intel noted "On November 2nd, researchers from Tampere University of Technology in Finland and Technical University of Havana, Cuba published details and a proof of concept exploit they called PortSmash.”
https://www.intel.com/content/www/us/en/developer/articles/news/more-information-portsmash.html(s’ouvre dans une nouvelle fenêtre) The attack code is available on GitHub; it has 468 stars and 66 forks.
https://github.com/bbbrumley/portsmash(s’ouvre dans une nouvelle fenêtre) News magazines published stories, i.e. “The new attack method -- named PortSmash -- was discovered by the team of Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan and Nicola Tuveri, based at the Tampere University of Technology in Finland, and Alejandro Cabrera Aldaya of the Universidad Tecnológica de la Habana CUJAE in Cuba.”
https://www.techtarget.com/searchsecurity/news/252452053/PortSmash-side-channel-attack-targets-Intel-Hyper-Threading(s’ouvre dans une nouvelle fenêtre) The analysis of Mozilla's NSS library represents a significant achievement.
CVE-2020-12401: Timing-attack on ECDSA signature generation. During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data.
CVE-2020-6829: P-384 and P-521 vulnerable to an electro-magnetic side channel attack on signature generation. When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used, which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed.
CVE-2020-12400: P-384 and P-521 vulnerable to a side channel attack on modular inversion. When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack.
CVE-2020-12399: Timing attack on DSA signatures in the NSS library. NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys.
CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack. During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm, which entailed a significantly input-dependent flow. This allowed an attacker to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes.
Our primary contribution to this work package is Triggerflow, a dynamic utility designed to track software application execution paths. Triggerflow employs debugger analysis to evaluate the binary code dynamically, aided by source annotations. It's a versatile tool initially created for regression testing in software development as part of Continuous Integration (CI) procedures. Triggerflow was applied to the OpenSSL open-source software project, enabling automated testing to verify that the control flow at runtime adheres to the specified parameters.