![Page 1: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/1.jpg)
Software-based Microarchitectural Attacks
Daniel Gruss
July 8, 2018
Graz University of Technology
1 Daniel Gruss — Graz University of Technology
![Page 2: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/2.jpg)
![Page 3: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/3.jpg)
Trusted Execution Environment www.tugraz.at
Application
Untrusted part
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 4: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/4.jpg)
Trusted Execution Environment www.tugraz.at
Application
Untrusted part
Create Enclave
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 5: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/5.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Trusted Fnc.
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 6: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/6.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Call Trusted Fnc.
Trusted Fnc.
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 7: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/7.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Call Trusted Fnc.
Trusted Fnc.
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 8: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/8.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Call Trusted Fnc.
Trusted Fnc.
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 9: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/9.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Call Trusted Fnc.
Trusted Fnc.
Return
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 10: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/10.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Call Trusted Fnc.
Trusted Fnc.
Return
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 11: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/11.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Call Trusted Fnc.
. . .
Trusted Fnc.
Return
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 12: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/12.jpg)
Trusted Execution Environment www.tugraz.at
Application
Trusted part
Cal
lG
ate
Untrusted part
Create Enclave
Call Trusted Fnc.
. . .
Trusted Fnc.
Return
Operating System
2 Daniel Gruss — Graz University of Technology
![Page 13: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/13.jpg)
Stealing Bitcoins? www.tugraz.at
SGX
3 Daniel Gruss — Graz University of Technology
![Page 14: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/14.jpg)
Stealing Bitcoins? www.tugraz.at
SGX
3 Daniel Gruss — Graz University of Technology
![Page 15: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/15.jpg)
Stealing Bitcoins? www.tugraz.at
SGX
3 Daniel Gruss — Graz University of Technology
![Page 16: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/16.jpg)
Stealing Bitcoins? www.tugraz.at
SGX
3 Daniel Gruss — Graz University of Technology
![Page 17: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/17.jpg)
Stealing Bitcoins? www.tugraz.at
SGX
3 Daniel Gruss — Graz University of Technology
![Page 18: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/18.jpg)
Stealing Bitcoins? www.tugraz.at
SGX
3 Daniel Gruss — Graz University of Technology
![Page 19: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/19.jpg)
Intel SGX Developer Guide www.tugraz.at
Protection from Side-Channel Attacks
Intel SGX does not provide explicit protection from side-channel attacks. It is the
enclave developer’s responsibility to address side-channel attack concerns.
4 Daniel Gruss — Graz University of Technology
![Page 20: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/20.jpg)
Intel SGX Developer Guide www.tugraz.at
Protection from Side-Channel Attacks
Intel SGX does not provide explicit protection from side-channel attacks. It is the
enclave developer’s responsibility to address side-channel attack concerns.
4 Daniel Gruss — Graz University of Technology
![Page 21: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/21.jpg)
Intel SGX Developer Guide www.tugraz.at
Protection from Side-Channel Attacks
Intel SGX does not provide explicit protection from side-channel attacks.
It is the
enclave developer’s responsibility to address side-channel attack concerns.
4 Daniel Gruss — Graz University of Technology
![Page 22: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/22.jpg)
Intel SGX Developer Guide www.tugraz.at
Protection from Side-Channel Attacks
Intel SGX does not provide explicit protection from side-channel attacks. It is the
enclave developer’s responsibility to address side-channel attack concerns.
4 Daniel Gruss — Graz University of Technology
![Page 23: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/23.jpg)
![Page 24: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/24.jpg)
SGX Wallets www.tugraz.at
• Ledger SGX Enclave for blockchain applications
• BitPay Copay Bitcoin wallet
• Teechain payment channel using SGX
Teechain
[...] We assume the TEE guarantees to hold and do not
consider side-channel attacks [5, 35, 46] on the TEE. Such
attacks and their mitigations [36, 43] are outside the scope of
this work. [...]
5 Daniel Gruss — Graz University of Technology
![Page 25: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/25.jpg)
SGX Wallets www.tugraz.at
• Ledger SGX Enclave for blockchain applications
• BitPay Copay Bitcoin wallet
• Teechain payment channel using SGX
Teechain
[...] We assume the TEE guarantees to hold
and do not
consider side-channel attacks [5, 35, 46] on the TEE. Such
attacks and their mitigations [36, 43] are outside the scope of
this work. [...]
5 Daniel Gruss — Graz University of Technology
![Page 26: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/26.jpg)
SGX Wallets www.tugraz.at
• Ledger SGX Enclave for blockchain applications
• BitPay Copay Bitcoin wallet
• Teechain payment channel using SGX
Teechain
[...] We assume the TEE guarantees to hold and do not
consider side-channel attacks [5, 35, 46] on the TEE.
Such
attacks and their mitigations [36, 43] are outside the scope of
this work. [...]
5 Daniel Gruss — Graz University of Technology
![Page 27: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/27.jpg)
SGX Wallets www.tugraz.at
• Ledger SGX Enclave for blockchain applications
• BitPay Copay Bitcoin wallet
• Teechain payment channel using SGX
Teechain
[...] We assume the TEE guarantees to hold and do not
consider side-channel attacks [5, 35, 46] on the TEE. Such
attacks and their mitigations [36, 43] are outside the scope of
this work. [...]
5 Daniel Gruss — Graz University of Technology
![Page 28: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/28.jpg)
Attacking a weak RSA implementation inside SGX www.tugraz.at
Raw Prime+Probe trace...1
1M. Schwarz, D. Gruss, S. Weiser, C. Maurice, and S. Mangard. Malware Guard Extension: Using
SGX to Conceal Cache Attacks. In: DIMVA. 2017.
6 Daniel Gruss — Graz University of Technology
![Page 29: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/29.jpg)
Attacking a weak RSA implementation inside SGX www.tugraz.at
...processed with a simple moving average...2
2M. Schwarz, D. Gruss, S. Weiser, C. Maurice, and S. Mangard. Malware Guard Extension: Using
SGX to Conceal Cache Attacks. In: DIMVA. 2017.
7 Daniel Gruss — Graz University of Technology
![Page 30: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/30.jpg)
Attacking a weak RSA implementation inside SGX www.tugraz.at
...allows to clearly see the bits of the exponent3
1 1 1 00 1 1 1 01 1 1 00000001 000 1 0 1 00 1 1 00 1 1 01 1 1 1 1 0 1 1 1 1 0 1 000 1 00 1 1 1 0 1 000 1 1 1 0000 1 1 1
3M. Schwarz, D. Gruss, S. Weiser, C. Maurice, and S. Mangard. Malware Guard Extension: Using
SGX to Conceal Cache Attacks. In: DIMVA. 2017.
8 Daniel Gruss — Graz University of Technology
![Page 31: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/31.jpg)
![Page 32: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/32.jpg)
![Page 33: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/33.jpg)
Microarchitectural Attacks - Threat Model www.tugraz.at
• Usually no physical access
• Local code
• Co-located code
• Different meanings of “remote”
1. Attacker controls code in browser sandbox (e.g., [Ore+15;
GMM16])
2. Attacker cannot control any code on the system
9 Daniel Gruss — Graz University of Technology
![Page 34: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/34.jpg)
Microarchitectural Attacks - Threat Model www.tugraz.at
• Usually no physical access
• Local code
• Co-located code
• Different meanings of “remote”
1. Attacker controls code in browser sandbox (e.g., [Ore+15;
GMM16])
2. Attacker cannot control any code on the system
9 Daniel Gruss — Graz University of Technology
![Page 35: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/35.jpg)
Microarchitectural Attacks - Threat Model www.tugraz.at
• Usually no physical access
• Local code
• Co-located code
• Different meanings of “remote”
1. Attacker controls code in browser sandbox (e.g., [Ore+15;
GMM16])
2. Attacker cannot control any code on the system
9 Daniel Gruss — Graz University of Technology
![Page 36: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/36.jpg)
Microarchitectural Attacks - Threat Model www.tugraz.at
• Usually no physical access
• Local code
• Co-located code
• Different meanings of “remote”
1. Attacker controls code in browser sandbox (e.g., [Ore+15;
GMM16])
2. Attacker cannot control any code on the system
9 Daniel Gruss — Graz University of Technology
![Page 37: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/37.jpg)
Microarchitectural Attacks - Threat Model www.tugraz.at
• Usually no physical access
• Local code
• Co-located code
• Different meanings of “remote”
1. Attacker controls code in browser sandbox (e.g., [Ore+15;
GMM16])
2. Attacker cannot control any code on the system
9 Daniel Gruss — Graz University of Technology
![Page 38: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/38.jpg)
Microarchitectural Attacks - Threat Model www.tugraz.at
• Usually no physical access
• Local code
• Co-located code
• Different meanings of “remote”
1. Attacker controls code in browser sandbox (e.g., [Ore+15;
GMM16])
2. Attacker cannot control any code on the system
9 Daniel Gruss — Graz University of Technology
![Page 39: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/39.jpg)
Microarchitectural Attacks - Threat Model www.tugraz.at
• Usually no physical access
• Local code
• Co-located code
• Different meanings of “remote”
1. Attacker controls code in browser sandbox (e.g., [Ore+15;
GMM16])
2. Attacker cannot control any code on the system
9 Daniel Gruss — Graz University of Technology
![Page 40: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/40.jpg)
![Page 41: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/41.jpg)
![Page 42: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/42.jpg)
![Page 43: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/43.jpg)
![Page 44: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/44.jpg)
![Page 45: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/45.jpg)
1337 4242
Revolutionary concept!
Store your food at home, never go to the grocery store during cooking.
Can store ALL kinds of food.
ONLY TODAY INSTEAD OF $1,300
ORDER VIA PHONE: +555 12345
![Page 46: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/46.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 47: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/47.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 48: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/48.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 49: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/49.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 50: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/50.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 51: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/51.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 52: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/52.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 53: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/53.jpg)
CPU Cache www.tugraz.at
10 Daniel Gruss — Graz University of Technology
![Page 54: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/54.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 55: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/55.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 56: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/56.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 57: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/57.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 58: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/58.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 59: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/59.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 60: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/60.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 61: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/61.jpg)
Flush+Reload www.tugraz.at
11 Daniel Gruss — Graz University of Technology
![Page 62: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/62.jpg)
Temporal Component: Timestamps www.tugraz.at
Physical Side Channels
• theoretical maximum accuracy of 5.4 · 10−44s
• feasible today: 850 · 10−21s
Microarchitectural Attacks
• often around nanoseconds
• sometimes much lower
12 Daniel Gruss — Graz University of Technology
![Page 63: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/63.jpg)
Temporal Component: Timestamps www.tugraz.at
Physical Side Channels
• theoretical maximum accuracy of 5.4 · 10−44s
• feasible today: 850 · 10−21s
Microarchitectural Attacks
• often around nanoseconds
• sometimes much lower
12 Daniel Gruss — Graz University of Technology
![Page 64: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/64.jpg)
Temporal Component: Timestamps www.tugraz.at
Physical Side Channels
• theoretical maximum accuracy of 5.4 · 10−44s
• feasible today: 850 · 10−21s
Microarchitectural Attacks
• often around nanoseconds
• sometimes much lower
12 Daniel Gruss — Graz University of Technology
![Page 65: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/65.jpg)
Temporal Component: Timestamps www.tugraz.at
Physical Side Channels
• theoretical maximum accuracy of 5.4 · 10−44s
• feasible today: 850 · 10−21s
Microarchitectural Attacks
• often around nanoseconds
• sometimes much lower
12 Daniel Gruss — Graz University of Technology
![Page 66: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/66.jpg)
Temporal Component: Timestamps www.tugraz.at
Physical Side Channels
• theoretical maximum accuracy of 5.4 · 10−44s
• feasible today: 850 · 10−21s
Microarchitectural Attacks
• often around nanoseconds
• sometimes much lower
12 Daniel Gruss — Graz University of Technology
![Page 67: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/67.jpg)
Temporal Component: Timestamps www.tugraz.at
Physical Side Channels
• theoretical maximum accuracy of 5.4 · 10−44s
• feasible today: 850 · 10−21s
Microarchitectural Attacks
• often around nanoseconds
• sometimes much lower
12 Daniel Gruss — Graz University of Technology
![Page 68: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/68.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 69: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/69.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 70: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/70.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 71: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/71.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 72: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/72.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 73: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/73.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 74: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/74.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 75: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/75.jpg)
Temporal Component: Sampling Rate www.tugraz.at
Physical Side Channels
• in the range of multiple GHz
Microarchitectural Attacks
• usually varying frequency (depending on the attack)
• between a few ns (< 1 GHz) and multiple seconds (< 1 Hz) (or
even worse)
• strongly dependent on the specific attack
• device under test = measurement device
• observer effect
13 Daniel Gruss — Graz University of Technology
![Page 76: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/76.jpg)
Microarchitectural Observer Effect www.tugraz.at
device under test = measurement device
• measuring time takes some time
• limits the resolution
• measuring cache hits/misses manipulates the cache state
• virtually all measurements are destructive
14 Daniel Gruss — Graz University of Technology
![Page 77: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/77.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 78: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/78.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 79: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/79.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 80: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/80.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 81: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/81.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 82: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/82.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 83: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/83.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 84: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/84.jpg)
Measurement Noise www.tugraz.at
Flush+Reload has no noise except for:
• Race condition between attacker and victim (observer effect)
• Speculative execution
• Prefetching
• ...
→ Typically > 99.99% precision and recall
15 Daniel Gruss — Graz University of Technology
![Page 85: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/85.jpg)
Measuring Processor Operations
![Page 86: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/86.jpg)
Timing Measurements www.tugraz.at
• Very short timings
• rdtsc instruction: “cycle-accurate” timestamps
[...]
rdtsc
function()
rdtsc
[...]
16 Daniel Gruss — Graz University of Technology
![Page 87: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/87.jpg)
What are we measuring? www.tugraz.at
• Do you measure what you think you measure?
• Out-of-order execution → what is really executed
rdtsc
function()
[...]
rdtsc
rdtsc
[...]
rdtsc
function()
rdtsc
rdtsc
function()
[...]
17 Daniel Gruss — Graz University of Technology
![Page 88: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/88.jpg)
![Page 89: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/89.jpg)
Accurate Microarchitecture Timing www.tugraz.at
• use pseudo-serializing instruction rdtscp (recent CPUs)
• and/or use serializing instructions like cpuid
• and/or use fences like mfence
Intel, How to Benchmark Code Execution Times on Intel IA-32 and IA-64 Instruction Set Architectures
White Paper, December 2010.
18 Daniel Gruss — Graz University of Technology
![Page 90: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/90.jpg)
Accurate Microarchitecture Timing www.tugraz.at
• use pseudo-serializing instruction rdtscp (recent CPUs)
• and/or use serializing instructions like cpuid
• and/or use fences like mfence
Intel, How to Benchmark Code Execution Times on Intel IA-32 and IA-64 Instruction Set Architectures
White Paper, December 2010.
18 Daniel Gruss — Graz University of Technology
![Page 91: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/91.jpg)
Accurate Microarchitecture Timing www.tugraz.at
• use pseudo-serializing instruction rdtscp (recent CPUs)
• and/or use serializing instructions like cpuid
• and/or use fences like mfence
Intel, How to Benchmark Code Execution Times on Intel IA-32 and IA-64 Instruction Set Architectures
White Paper, December 2010.
18 Daniel Gruss — Graz University of Technology
![Page 92: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/92.jpg)
Accurate Microarchitecture Timing www.tugraz.at
• use pseudo-serializing instruction rdtscp (recent CPUs)
• and/or use serializing instructions like cpuid
• and/or use fences like mfence
Intel, How to Benchmark Code Execution Times on Intel IA-32 and IA-64 Instruction Set Architectures
White Paper, December 2010.
18 Daniel Gruss — Graz University of Technology
![Page 93: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/93.jpg)
![Page 94: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/94.jpg)
Memory Access Latency www.tugraz.at
50 100 150 200 250 300 350 400
101
104
107
Access time [CPU cycles]
Nu
mb
erof
acce
sses
Cache Hits
19 Daniel Gruss — Graz University of Technology
![Page 95: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/95.jpg)
Memory Access Latency www.tugraz.at
50 100 150 200 250 300 350 400
101
104
107
Access time [CPU cycles]
Nu
mb
erof
acce
sses
Cache Hits Cache Misses
19 Daniel Gruss — Graz University of Technology
![Page 96: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/96.jpg)
Temporal Component www.tugraz.at
• Flush+Reload had beautifully nice timings, right?
• Well... steps of 2-4 cycles
• only 35-70 steps between hits and misses
• On some devices only 1-2 steps!
20 Daniel Gruss — Graz University of Technology
![Page 97: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/97.jpg)
Temporal Component www.tugraz.at
• Flush+Reload had beautifully nice timings, right?
• Well... steps of 2-4 cycles
• only 35-70 steps between hits and misses
• On some devices only 1-2 steps!
20 Daniel Gruss — Graz University of Technology
![Page 98: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/98.jpg)
Temporal Component www.tugraz.at
• Flush+Reload had beautifully nice timings, right?
• Well... steps of 2-4 cycles
• only 35-70 steps between hits and misses
• On some devices only 1-2 steps!
20 Daniel Gruss — Graz University of Technology
![Page 99: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/99.jpg)
Temporal Component www.tugraz.at
• Flush+Reload had beautifully nice timings, right?
• Well... steps of 2-4 cycles
• only 35-70 steps between hits and misses
• On some devices only 1-2 steps!
20 Daniel Gruss — Graz University of Technology
![Page 100: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/100.jpg)
Temporal Component www.tugraz.at
• Flush+Reload had beautifully nice timings, right?
• Well... steps of 2-4 cycles
• only 35-70 steps between hits and misses
• On some devices only 1-2 steps!
20 Daniel Gruss — Graz University of Technology
![Page 101: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/101.jpg)
Temporal Component www.tugraz.at
• Flush+Reload had beautifully nice timings, right?
• Well... steps of 2-4 cycles
• only 35-70 steps between hits and misses
• On some devices only 1-2 steps!
20 Daniel Gruss — Graz University of Technology
![Page 102: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/102.jpg)
Temporal Component www.tugraz.at
• Flush+Reload had beautifully nice timings, right?
• Well... steps of 2-4 cycles
• only 35-70 steps between hits and misses
• On some devices only 1-2 steps!
20 Daniel Gruss — Graz University of Technology
![Page 103: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/103.jpg)
Timer www.tugraz.at
• We can build our own timer [Lip+16; Sch+17]
• Start a thread that continuously increments a global variable
• The global variable is our timestamp
21 Daniel Gruss — Graz University of Technology
![Page 104: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/104.jpg)
Timer www.tugraz.at
• We can build our own timer [Lip+16; Sch+17]
• Start a thread that continuously increments a global variable
• The global variable is our timestamp
21 Daniel Gruss — Graz University of Technology
![Page 105: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/105.jpg)
Timer www.tugraz.at
• We can build our own timer [Lip+16; Sch+17]
• Start a thread that continuously increments a global variable
• The global variable is our timestamp
21 Daniel Gruss — Graz University of Technology
![Page 106: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/106.jpg)
![Page 107: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/107.jpg)
![Page 108: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/108.jpg)
Self-built Timer www.tugraz.at
CPU cycles one increment takes
Optimized
Assembly
C
rdtsc 3
4.7
4.67
0.87
3 1 t imestamp = r d t s c ( ) ;
22 Daniel Gruss — Graz University of Technology
![Page 109: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/109.jpg)
Self-built Timer www.tugraz.at
CPU cycles one increment takes
Optimized
Assembly
C
rdtsc 3
4.7
4.67
0.87
3 1 whi le (1 ) {2 t imestamp++;
3 }
22 Daniel Gruss — Graz University of Technology
![Page 110: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/110.jpg)
Self-built Timer www.tugraz.at
CPU cycles one increment takes
Optimized
Assembly
C
rdtsc 3
4.7
4.67
0.87
3
4.7
22 Daniel Gruss — Graz University of Technology
![Page 111: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/111.jpg)
Self-built Timer www.tugraz.at
CPU cycles one increment takes
Optimized
Assembly
C
rdtsc 3
4.7
4.67
0.87
3
4.7
1 mov ×tamp , %rcx
2 1 : i n c l (% rcx )
3 jmp 1b
22 Daniel Gruss — Graz University of Technology
![Page 112: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/112.jpg)
Self-built Timer www.tugraz.at
CPU cycles one increment takes
Optimized
Assembly
C
rdtsc 3
4.7
4.67
0.87
3
4.7
4.67
22 Daniel Gruss — Graz University of Technology
![Page 113: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/113.jpg)
Self-built Timer www.tugraz.at
CPU cycles one increment takes
Optimized
Assembly
C
rdtsc 3
4.7
4.67
0.87
3
4.7
4.67
1 mov ×tamp , %rcx
2 1 : i n c %rax
3 mov %rax , (% rcx )
4 jmp 1b
22 Daniel Gruss — Graz University of Technology
![Page 114: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/114.jpg)
Self-built Timer www.tugraz.at
CPU cycles one increment takes
Optimized
Assembly
C
rdtsc 3
4.7
4.67
0.87
3
4.7
4.67
0.87
22 Daniel Gruss — Graz University of Technology
![Page 115: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/115.jpg)
![Page 116: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/116.jpg)
![Page 117: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/117.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 118: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/118.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 119: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/119.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 120: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/120.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 121: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/121.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 122: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/122.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 123: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/123.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 124: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/124.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 125: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/125.jpg)
Spatial Component www.tugraz.at
• physical: different offsets on the chip
• microarchitectural:
• different microarchitectural elements
• more significant: huge virtual adress space
• 248 different virtual memory locations
• the location is often (part of) the secret
23 Daniel Gruss — Graz University of Technology
![Page 126: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/126.jpg)
Cache Template Attack Demo
![Page 127: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/127.jpg)
Cache Template4 www.tugraz.at
Address
Keyg h i j k l m n o p q r s t u v w x y z
0x7c6800x7c6c00x7c7000x7c7400x7c7800x7c7c00x7c8000x7c8400x7c8800x7c8c00x7c9000x7c9400x7c9800x7c9c00x7ca000x7cb800x7cc400x7cc800x7ccc00x7cd00
4D. Gruss, R. Spreitzer, and S. Mangard. Cache Template Attacks: Automating Attacks on Inclusive
Last-Level Caches. In: USENIX Security Symposium. 2015.
25 Daniel Gruss — Graz University of Technology
![Page 128: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/128.jpg)
Page Cache www.tugraz.at
• Managed by operating system
• Buffers pages in RAM for faster accesses
• State of pages is tracked:
• No write access → clean → no write back
• Write access → dirty → write back
• Implemented by all major operating systems
26 Daniel Gruss — Graz University of Technology
![Page 129: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/129.jpg)
Page Cache www.tugraz.at
• Managed by operating system
• Buffers pages in RAM for faster accesses
• State of pages is tracked:
• No write access → clean → no write back
• Write access → dirty → write back
• Implemented by all major operating systems
26 Daniel Gruss — Graz University of Technology
![Page 130: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/130.jpg)
Page Cache www.tugraz.at
• Managed by operating system
• Buffers pages in RAM for faster accesses
• State of pages is tracked:
• No write access → clean → no write back
• Write access → dirty → write back
• Implemented by all major operating systems
26 Daniel Gruss — Graz University of Technology
![Page 131: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/131.jpg)
Page Cache www.tugraz.at
• Managed by operating system
• Buffers pages in RAM for faster accesses
• State of pages is tracked:
• No write access → clean → no write back
• Write access → dirty → write back
• Implemented by all major operating systems
26 Daniel Gruss — Graz University of Technology
![Page 132: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/132.jpg)
Page Cache www.tugraz.at
• Managed by operating system
• Buffers pages in RAM for faster accesses
• State of pages is tracked:
• No write access → clean → no write back
• Write access → dirty → write back
• Implemented by all major operating systems
26 Daniel Gruss — Graz University of Technology
![Page 133: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/133.jpg)
Page Cache www.tugraz.at
• Managed by operating system
• Buffers pages in RAM for faster accesses
• State of pages is tracked:
• No write access → clean → no write back
• Write access → dirty → write back
• Implemented by all major operating systems
26 Daniel Gruss — Graz University of Technology
![Page 134: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/134.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
27 Daniel Gruss — Graz University of Technology
![Page 135: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/135.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
foo.so#2
faults
fetches foo.so#2
buffers foo.so#2
accesses
slow
28 Daniel Gruss — Graz University of Technology
![Page 136: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/136.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
foo.so#2
29 Daniel Gruss — Graz University of Technology
![Page 137: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/137.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
foo.so#2
accesses
fast
30 Daniel Gruss — Graz University of Technology
![Page 138: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/138.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
foo.so#2
eviction#5
accessesfetches eviction#5
buffers eviction#5
faults
slow
31 Daniel Gruss — Graz University of Technology
![Page 139: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/139.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
eviction#4foo.so#2
eviction#5
accessesfetches eviction#4
buffers eviction#4
faults
slow
32 Daniel Gruss — Graz University of Technology
![Page 140: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/140.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
eviction#4foo.so#2
eviction#3
eviction#5
accessesfetches eviction#3
buffers eviction#3
faults
slow
33 Daniel Gruss — Graz University of Technology
![Page 141: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/141.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
eviction#4foo.so#2
eviction#3eviction#2
eviction#5
accessesfetches eviction#2
buffers eviction#2
faults
slow
34 Daniel Gruss — Graz University of Technology
![Page 142: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/142.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
eviction#4eviction#1eviction#3eviction#2
eviction#5
accessesfetches eviction#1
buffers eviction#1
faults
slow
35 Daniel Gruss — Graz University of Technology
![Page 143: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/143.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
eviction#4eviction#1eviction#3eviction#2
eviction#5
36 Daniel Gruss — Graz University of Technology
![Page 144: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/144.jpg)
Page Cache Attacks www.tugraz.at
OS
Disk
Victim Attacker
Address space
foo.so#2foo.so#1
foo.so#3foo.so#4
eviction#2eviction#3eviction#4eviction#5
eviction#1
foo.so#1foo.so#2foo.so#3foo.so#4
Address space
RAM
page cache
eviction#4eviction#1eviction#3eviction#2
foo.so#2
accessesfetches foo.so#2
buffers foo.so#2
faults
slow
37 Daniel Gruss — Graz University of Technology
![Page 145: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/145.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 146: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/146.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 147: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/147.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 148: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/148.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 149: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/149.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 150: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/150.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 151: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/151.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 152: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/152.jpg)
Observe Page Cache State www.tugraz.at
1010 1
mincore (2.04µs)
• Takes virtual memory range, returns vector
• Indicates presence of queried pages in page cache
QueryWorkingSetEx (465.91 ns)
• Takes process handle + virtual memory address, returns struct
• Exposes attributes of queried page ...
• ... presence in working set
• ... number of working sets containing page (ShareCount)
38 Daniel Gruss — Graz University of Technology
![Page 153: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/153.jpg)
Reset Page Cache State www.tugraz.at
• Necessary for detecting multiple accesses
• Bottleneck of side channel
• Linux: eviction (takes 149 ms)
• Windows: VirtualUnlock if possible (takes 17.69µs)
• Windows: SetProcessWorkingSetSize + eviction (takes
4.48 ms)
39 Daniel Gruss — Graz University of Technology
![Page 154: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/154.jpg)
Reset Page Cache State www.tugraz.at
• Necessary for detecting multiple accesses
• Bottleneck of side channel
• Linux: eviction (takes 149 ms)
• Windows: VirtualUnlock if possible (takes 17.69µs)
• Windows: SetProcessWorkingSetSize + eviction (takes
4.48 ms)
39 Daniel Gruss — Graz University of Technology
![Page 155: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/155.jpg)
Reset Page Cache State www.tugraz.at
• Necessary for detecting multiple accesses
• Bottleneck of side channel
• Linux: eviction (takes 149 ms)
• Windows: VirtualUnlock if possible (takes 17.69µs)
• Windows: SetProcessWorkingSetSize + eviction (takes
4.48 ms)
39 Daniel Gruss — Graz University of Technology
![Page 156: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/156.jpg)
![Page 157: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/157.jpg)
![Page 158: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/158.jpg)
Countermeasures are Difficult www.tugraz.at
• We want the performance optimizations
• Many side-channel attacks exploit intended behavior
• Often a trade-off between security and performance
• Every optimization is potentially a side channel
42 Daniel Gruss — Graz University of Technology
![Page 159: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/159.jpg)
Countermeasures are Difficult www.tugraz.at
• We want the performance optimizations
• Many side-channel attacks exploit intended behavior
• Often a trade-off between security and performance
• Every optimization is potentially a side channel
42 Daniel Gruss — Graz University of Technology
![Page 160: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/160.jpg)
Countermeasures are Difficult www.tugraz.at
• We want the performance optimizations
• Many side-channel attacks exploit intended behavior
• Often a trade-off between security and performance
• Every optimization is potentially a side channel
42 Daniel Gruss — Graz University of Technology
![Page 161: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/161.jpg)
Countermeasures are Difficult www.tugraz.at
• We want the performance optimizations
• Many side-channel attacks exploit intended behavior
• Often a trade-off between security and performance
• Every optimization is potentially a side channel
42 Daniel Gruss — Graz University of Technology
![Page 162: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/162.jpg)
The Future www.tugraz.at
• We won’t get rid of side channels
• More optimizations → more side channels
• But: low hanging fruits will disappear
43 Daniel Gruss — Graz University of Technology
![Page 163: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/163.jpg)
The Future www.tugraz.at
• We won’t get rid of side channels
• More optimizations → more side channels
• But: low hanging fruits will disappear
43 Daniel Gruss — Graz University of Technology
![Page 164: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/164.jpg)
The Future www.tugraz.at
• We won’t get rid of side channels
• More optimizations → more side channels
• But: low hanging fruits will disappear
43 Daniel Gruss — Graz University of Technology
![Page 165: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/165.jpg)
Software-based Microarchitectural Attacks
Daniel Gruss
July 8, 2018
Graz University of Technology
44 Daniel Gruss — Graz University of Technology
![Page 166: Software-based Microarchitectural Attacks · attacks and their mitigations [36, 43] are outside the scope of this work. [...] 5 Daniel Gruss | Graz University of Technology. Attacking](https://reader036.vdocuments.us/reader036/viewer/2022070107/6021cec56996713aba46c369/html5/thumbnails/166.jpg)
References
D. Gruss, C. Maurice, and S. Mangard. Rowhammer.js: A Remote
Software-Induced Fault Attack in JavaScript. In: DIMVA. 2016.
D. Gruss, R. Spreitzer, and S. Mangard. Cache Template Attacks: Automating
Attacks on Inclusive Last-Level Caches. In: USENIX Security Symposium. 2015.
M. Lipp, D. Gruss, R. Spreitzer, C. Maurice, and S. Mangard. ARMageddon:
Cache Attacks on Mobile Devices. In: USENIX Security Symposium. 2016.
Y. Oren, V. P. Kemerlis, S. Sethumadhavan, and A. D. Keromytis. The Spy in the
Sandbox: Practical Cache Attacks in JavaScript and their Implications. In: CCS.
2015.
M. Schwarz, D. Gruss, S. Weiser, C. Maurice, and S. Mangard. Malware Guard
Extension: Using SGX to Conceal Cache Attacks. In: DIMVA. 2017.