
Hertzbleed: A New Family of Side-Channel Attacks – Root Cause: Dynamic Frequency Scaling


A new research paper titled “Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86,” from researchers at UT Austin, the University of Illinois Urbana-Champaign (UIUC) and the University of Washington, can be found here (preprint). The paper will be presented at the 31st USENIX Security Symposium (Boston, 10–12 August 2022).

A summary explanation of the Hertzbleed side-channel attack can be found here.

According to the Hertzbleed.com site:

“First, Hertzbleed shows that on modern x86 CPUs, power side-channel attacks can be turned into (even remote!) timing attacks—lifting the need for any power measurement interface. The cause is that, under certain circumstances, periodic CPU frequency adjustments depend on the current CPU power consumption, and these adjustments directly translate to execution time differences (as 1 hertz = 1 cycle per second).

Second, Hertzbleed shows that, even when implemented correctly as constant time, cryptographic code can still leak via remote timing analysis. The result is that current industry guidelines for how to write constant-time code (such as Intel’s one) are insufficient to guarantee constant-time execution on modern processors.”

The vulnerability is listed under CVE-2022-23823 and CVE-2022-24436 in the Common Vulnerabilities and Exposures (CVE) system.

 

Source: Hertzbleed site.


