PORTSMASH SIDE CHANNEL VULNERABILITY

Intel_logoIt seems that more problems for Intel processors now that a new problem called Portsmash has been identified. Vulnerability confirmed on Skylake and Kaby Lake CPU series. Researchers suspect AMD processors are also impacted.

The work was done by Tampere University of Technology in Finland and Technical University of Havana, Cuba.

Researchers say they’ve already confirmed that PortSmash impacts Intel CPUs which support the company’s Hyper-Threading (HT) technology, Intel’s proprietary implementation of SMT.

The Proof of Concept steals an OpenSSL (<= 1.1.0h) P-384 private key from a TLS server by successfully exploiting PortSmash, but the attack can be modified to target any type of data. The PortSmash PoC also requires malicious code to be running on the same physical core as the victim, but this isn’t such a big hurdle for attackers.

We suspect that this sort of exploit may find its way into government malware who want to gain access to personal computers that are seized.

INTEL COMMENTS

Intel received notice of the research. This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.