Date: 2022-08-17



Researchers at MIT have developed a new software mitigation technique for hardware-level security vulnerabilities exposed in on-chip mesh interconnects.

On-chip interconnects enable communication between processor cores. The vulnerability exists in situations where a program runs on multiple cores simultaneously. When multiple cores use the same interconnect to send data across the chip, it can introduce delays, and malicious agents can exploit these delays for what is called a side-channel attack that can steal encrypted information from elsewhere in the system.

MIT researchers studied these attacks by reverse-engineering the on-chip interconnects and investigating how the flaws worked. Through this research, they formed an analytical model of how traffic flows between processor cores, which helped them design and deploy their own side-channel attacks. This in-depth knowledge has allowed the team to develop two mitigation strategies that improve security without making any physical changes to the chip.

“Many of the current side-channel defenses are ad-hoc, and we’re seeing a little leak here and patching. We hope that our approach using this analytical model will drive more systematic and robust defenses that simultaneously eliminate entire classes of attacks,” co-lead author Miles Dai said in an MIT News article.

For their research, the MIT team built an analytical model of the processor that summarizes how traffic flows over the interconnect. To do this, the researchers first discovered that the interconnect is like a highway, with multiple lanes going in all directions, according to an MIT News report. In a conflict, the interconnect uses a priority arbitration policy to determine which traffic flow moves first. Priority is given to more important requests, such as requests from programs that are essential to the operation of the computer.

The resulting analytical model identifies which processor cores are most vulnerable to side-channel attacks. These are typically the cores that are accessible through the most lanes of traffic on the chip. By choosing the core most susceptible to attack, hackers can monitor it and extract sensitive information.

If an attacker understands how interconnects work, interconnect conflicts can be configured to monitor the execution of sensitive code. The attacker can then extract secret information, such as cryptographic keys, piece by piece, co-author Riccardo Paccagnella told MIT News.

Using their model, the team was able to launch their own side-channel attack and steal the full cryptographic keys from two different programs. Further investigation of these attacks led them to design mitigation mechanisms.

The first mitigation technique uses analytical models to identify the most vulnerable cores and schedule sensitive software to run only on less vulnerable cores. In the second mitigation, administrators reserve cores around critical programs and run only trusted software on those cores.
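A sketch of the second mitigation as a core-allocation plan, added here as an illustration and not taken from the researchers' code. It assumes "around" means cores within a given number of mesh hops of the sensitive core, and it uses a constructed tile map; the mapping of logical CPUs to mesh tiles on a real chip has to be determined for that part.

```python
# Added example: plan a "reserved neighbours" core layout on a 2D mesh.
# MESH is a constructed tile map (rows of logical CPU ids, None = tile with
# no usable core). It is an assumption, not data from any real processor.
import os

MESH = [
    [0, 1, 2, 3],
    [4, 5, 6, 7],
    [8, 9, None, 10],
]

def locate(mesh, cpu):
    """Return the (row, col) tile that holds logical CPU `cpu`."""
    for r, row in enumerate(mesh):
        for c, cid in enumerate(row):
            if cid == cpu:
                return r, c
    raise ValueError(f"CPU {cpu} is not on the mesh")

def plan(mesh, sensitive_cpu, radius=1):
    """Split CPUs into sensitive / reserved (trusted only) / open sets.

    Reserved = every core within `radius` mesh hops (Manhattan distance)
    of the sensitive core; the hop radius is this example's assumption.
    """
    r0, c0 = locate(mesh, sensitive_cpu)
    reserved, open_ = set(), set()
    for r, row in enumerate(mesh):
        for c, cid in enumerate(row):
            if cid is None or cid == sensitive_cpu:
                continue
            hops = abs(r - r0) + abs(c - c0)
            (reserved if hops <= radius else open_).add(cid)
    return {"sensitive": {sensitive_cpu}, "reserved": reserved, "open": open_}

def pin(pid, cpus):
    """Restrict process `pid` to `cpus` (Linux only); return its new affinity."""
    os.sched_setaffinity(pid, cpus)
    return os.sched_getaffinity(pid)

if __name__ == "__main__":
    layout = plan(MESH, sensitive_cpu=5)
    for role, cpus in layout.items():
        print(f"{role:9s} {sorted(cpus)}")
```

The sensitive program would be pinned to the `sensitive` set, trusted software to `reserved`, and everything else to `open`.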

Using these mitigation strategies, the MIT team significantly reduced the accuracy of side-channel attacks. The researchers believe these strategies can be easily deployed, as no physical modification of the hardware is required. Increasing security in this way can reduce performance by removing risky cores, but in modern cloud environments, where resources are often over-provisioned, the impact should be minimal. The team concludes that there is

The authors look forward to further research into interconnect security, which they say is an often overlooked attack surface.

The project was carried out by MIT graduate student and co-lead author Miles Dai; Riccardo Paccagnella of the University of Illinois at Urbana-Champaign; Miguel Gomez-Garcia of MIT; and John McCalpin, a research scientist at the Texas Advanced Computing Center. The lead author, Mengjia Yan, is the Homer A. Burnell Career Development Assistant Professor of Electrical Engineering and Computer Science (EECS) and a member of the Computer Science and Artificial Intelligence Laboratory (CSAIL).

For more information on this research, see the scientific paper here.

