• United States



john_mello jr

Researchers find new way to neutralize side-channel memory attacks

News Analysis
Mar 07, 20224 mins

The method, developed by MIT, improves on performance of alternative schemes to mitigate side-channel memory attack risks.

rambleed ram memory card hardware hack breach binary by 13threephotography getty
Credit: 13threephotography / Getty Images

Researchers at the Massachusetts Institute of Technology have discovered a way to foil memory-timing side-channel attacks that’s more efficient than other methods. The attacks can be used to steal secrets such as cryptographic keys or user passwords stored in a computer’s memory.

According to a report by the researchers, the attacks are enabled by shared computer resources. “Through these shared resources, an attacker can seek out even very fine-grained information,” Mengjia Yan, an assistant professor in the electrical engineering and computer science department at MIT, said in a statement.

During the attack, a malicious program can glean a program’s secrets by interpreting information about delays it experiences when it tries to access memory resources at the same time as another program. “The attacker is poking at the memory controller, the library doors, to say, ‘is it busy now?’” EECS Professor Joel Emer explained in a statement. “If they get blocked because the library door is opening already—because the victim program is already using the memory controller—they are going to get delayed. Noticing that delay is the information that is being leaked.”

“Shaping” memory requests to hide secrets

Historically, addressing this attack vector has had a big downside. “In the past, people have mitigated these types of side-channel attacks by partitioning the resource so the attacker and victim can’t use the resource at the same time, but that’s very bad for performance,” Peter Deutsch, a graduate student and an author of the report, tells CSO.

The researchers’ solution to the problem is to “shape” memory requests by running them through a “request shaper,” called DAGuise, that uses a graph structure to process requests and send them to the memory controller on a fixed schedule.

“Our solution takes a victim’s accesses to the memory controller to DRAM and shaping them in such a way that they are independent of the secret,” Deutsch explains. “So, no matter how many times the attacker observes the victim, they will never learn anything about the secret that they’re trying to keep.”

He acknowledged that DAGuise has an impact on system performance, but it’s 12% faster than other security solutions.

Side-channel memory attacks uncommon

Deutsch noted that DAGuise needs to be implemented by a chipmaker. That could be a tough sell. “These kinds of attacks are very uncommon,” says Karl Sigler, manager of SpiderLabs Threat Intelligence at Trustwave, a network security company. “In fact, outside of a lab environment or scholarly write-up, I don’t think there’s any record of public exploitation of any of these types of vulnerabilities.”

Sigler notes that side-channel attacks require a great degree of sophistication. “They would require custom applications as well as a deep knowledge of how electric signaling works inside a computer and can be manipulated,” he explains. “They would likely require different techniques and applications from system to system depending on the actual target.”

However, Sigler adds that while side-channel attacks shouldn’t be at the top of a security team’s to-do list, they shouldn’t be entirely ignored, either. “There is the possibility that very targeted attacks against high profile or valuable victims have or could occur,” he says. “Despite the unlikely event of exploitation, organizations should still apply patches for these vulnerabilities whenever one is available, like the one for CVE-2018-0737—an OpenSSL SCA vulnerability.”

In a related matter, researchers at North Carolina State University have announced that they have found a way to compromise homomorphic encryption via a side-channel attack. “Basically, by monitoring power consumption in a device that is encoding data for homomorphic encryption, we are able to read the data as it is being encrypted,” Aydin Aysu, one of the authors of the study, said in a news release. “This demonstrates that even next-generation encryption technologies need protection against side-channel attacks.”