CRAR, Mar 5, 2021

Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical

arXiv:2103.03443v1, 121 citations
Originality: Highly original

AI Analysis

This work addresses a critical security vulnerability in CPU microarchitecture that affects users and systems relying on cryptographic implementations; it represents a novel attack vector rather than an incremental improvement.

The authors tackled the problem of exploiting CPU ring interconnect contention for side channel attacks, achieving a cross-core covert channel capacity of over 4 Mbps, extracting key bits from vulnerable EdDSA and RSA implementations, and inferring keystroke timings.

We introduce the first microarchitectural side channel attacks that leverage contention on the CPU ring interconnect. There are two challenges that make it uniquely difficult to exploit this channel. First, little is known about the ring interconnect's functioning and architecture. Second, information that can be learned by an attacker through ring contention is noisy by nature and has coarse spatial granularity. To address the first challenge, we perform a thorough reverse engineering of the sophisticated protocols that handle communication on the ring interconnect. With this knowledge, we build a cross-core covert channel over the ring interconnect with a capacity of over 4 Mbps from a single thread, the largest to date for a cross-core channel not relying on shared memory. To address the second challenge, we leverage the fine-grained temporal patterns of ring contention to infer a victim program's secrets. We demonstrate our attack by extracting key bits from vulnerable EdDSA and RSA implementations, as well as inferring the precise timing of keystrokes typed by a victim user.

Code Implementations: 2 repos