Jump to content

TLBleed

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Zazpot (talk | contribs) at 21:42, 17 August 2018 (Avoid repetitive wording). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

TLBleed is a cryptographic side-channel attack that uses machine learning to exploit a timing side-channel via the translation look-aside buffer (TLB) on modern microprocessors that use simultaneous multithreading.[1][2] As of June 2018, the attack has only been demonstrated experimentally on Intel processors; it is speculated that other processors may also potentially be vulnerable to a variant of the attack, but no proof of concept has been demonstrated.[3] Recent news from AMD indicates that their processors are not vulnerable to this attack. [4]

The attack led to the OpenBSD project disabling simultaneous multithreading on Intel microprocessors.[2][5] The OpenBSD project leader Theo de Raadt has stated that, while the attack could theoretically be addressed by preventing tasks with different security contexts from sharing physical cores, such a fix is currently impractical because of the complexity of the problem.[2]

See also

References

  1. ^ Williams, Chris (2018-06-22). "Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about". The Register. Retrieved 2018-06-25.
  2. ^ a b c Varghese, Sam (25 June 2018). "OpenBSD chief de Raadt says no easy fix for new Intel CPU bug". www.itwire.com. Retrieved 2018-06-25.
  3. ^ Halfacree, Gareth (June 25, 2018). "Researchers warn of TLBleed Hyper-Threading vuln". bit-tech.net. Retrieved 2018-06-25.
  4. ^ Williams, Chris (2018-06-22). "Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about". The Register. Retrieved 2018-06-25.
  5. ^ Varghese, Sam (21 June 2018). "OpenBSD disables hyperthreading support for Intel CPUs due to likely data leaks". www.itwire.com. Retrieved 2018-06-25.