idw – Informationsdienst Wissenschaft

02.08.2023 08:31

New CPU security loophole: Analysis of energy consumption allows data theft

Philipp Jarke, Communications and Marketing
Technische Universität Graz

    Researchers at TU Graz and the Helmholtz Center for Information Security have discovered a novel security gap in all common CPUs that can hardly be mitigated.

    Main processors (CPUs) of computers are designed to run multiple applications simultaneously. This is beneficial for efficiency, but poses a security risk. Researchers at TU Graz and the Helmholtz Center for Information Security have found a novel method that allows attackers to read data from the memory of CPUs by analyzing the processor's energy consumption. They call this method of attack "Collide+Power".

    Overwriting data thousands of times

    In a "Collide+Power" attack, the attackers store a data package on a segment of the CPU. In a second step, malicious code causes the attacker's own data to be overwritten ("collide") with the data the attackers are targeting. This overwriting consumes power - the more the two data packages differ from each other, the more power is consumed. The entire process is then repeated thousands of times, each time with minimally different attacker data packages to be overwritten. Finally, the targeted data package can be derived from the slightly different power consumptions that occur each time during this process.

    Increased power consumption and time delays provide clues

    Although the power consumption of CPUs cannot be read without administrator rights, attackers can bypass this security barrier: In addition to increased power consumption, overwriting the data packets also leads to delays in the computing processes on the attacked processor. These delays can be used to determine the power consumption and, in turn, the target data.

    Attack currently still very time-consuming

    "All computers with modern CPUs are affected by this security weakness," says Andreas Kogler from the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology. "And this security risk is very difficult to fix." However, a "Collide+Power" attack is currently still extremely time-consuming: Due to the countless overwrite operations, the data theft requires at least 16 hours per bit, in other scenarios even up to a year. However, future leaps in technological development could significantly reduce the time required, making "Collide+Power" attacks an everyday security risk.

    In principle, the issue of so-called power side channels has been known for a long time and is one of the research topics of Stefan Mangard, who leads the IAIK at TU Graz and co-authored the Collide+Power study. However, the research group of Daniel Gruss at IAIK only recently discovered that power measurements on modern computers do not require expensive measurement hardware and physical access, but can be done directly from software.
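
The following simulation is an added illustration, not code from the researchers or the paper. It models the principle described above, that power rises with the number of bits in which two colliding values differ, and shows why the leak only becomes readable after a very large number of repetitions. The Gaussian noise model, the noise level `sigma` and all function names are assumptions; no real hardware is measured.

```python
import random
from statistics import fmean

def hamming_distance(a: int, b: int) -> int:
    """Number of bit positions in which a and b differ."""
    return bin(a ^ b).count("1")

def power_sample(secret: int, attacker_value: int, sigma: float,
                 rng: random.Random) -> float:
    """One simulated measurement: the signal is the Hamming distance between
    the colliding values; all other CPU activity is modelled as Gaussian noise."""
    return hamming_distance(secret, attacker_value) + rng.gauss(0.0, sigma)

def recover_byte(secret: int, samples: int, sigma: float,
                 rng: random.Random) -> int:
    """Estimate an 8-bit value from averaged power, using pairs of
    attacker-controlled values that differ in exactly one bit."""
    guess = 0
    for bit in range(8):
        avg_clear = fmean(power_sample(secret, 0, sigma, rng)
                          for _ in range(samples))
        avg_set = fmean(power_sample(secret, 1 << bit, sigma, rng)
                        for _ in range(samples))
        # If the secret has this bit set, setting it in the attacker value
        # lowers the distance by 1, so average power drops; otherwise it rises.
        if avg_set < avg_clear:
            guess |= 1 << bit
    return guess

def success_rate(samples: int, sigma: float, trials: int,
                 seed: int = 2023) -> float:
    """Fraction of random bytes recovered exactly at a given sample count."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        secret = rng.randrange(256)
        hits += recover_byte(secret, samples, sigma, rng) == secret
    return hits / trials

if __name__ == "__main__":
    # Constructed parameters: a 1-unit signal buried in noise of sigma = 20.
    for n in (10, 1000, 20000):
        print(f"{n:>6} samples per value -> success rate "
              f"{success_rate(n, sigma=20.0, trials=5):.2f}")
```

Because the useful signal is a single unit of Hamming distance under much larger noise, the averaging error only shrinks with the square root of the sample count, which is why the attack described here needs so many overwrite operations per leaked bit.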

    Chip manufacturers have been informed in advance

    The major chip manufacturers have been informed about the "Collide+Power" risk in advance and have adjusted their guidelines accordingly. For the general public, the researchers have set up a website describing the security gap in detail: https://collidepower.com/


    Scientific contact:

    Andreas KOGLER
    Dipl.-Ing. BSc
    Institute of Applied Information Processing and Communications
    Phone: +43 316 873 – 5583
    Email: andreas.kogler@tugraz.at


    Original publication:

    Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels
    Authors: Andreas Kogler, Jonas Juffinger, Lukas Giner, Lukas Gerlach, Martin Schwarzl, Michael Schwarz, Daniel Gruss, Stefan Mangard
    https://collidepower.com/paper/Collide+Power.pdf


    Images

    [Image: Andreas Kogler from the Institute of Applied Information Processing and Communications at TU Graz. Photo: Helmut Lunghammer; credit: Lunghammer - TU Graz]

    [Image: Researchers from TU Graz and the Helmholtz Center for Information Security have found a new security loophole. Photo: Helmut Lunghammer; credit: Lunghammer - TU Graz]


    Attributes of this press release:
    Journalists
    Electrical engineering, information technology
    transregional
    Research results, scientific publications
    English


     
