PLATYPUS Attack: Novel Power Side-channel Attack Threatening Intel Devices


Intel CPUs running on various devices can leak data through power consumption fluctuations. Researchers have devised the PLATYPUS attack that exploits this issue to steal cryptographic keys.

PLATYPUS Attack Can Steal Data From Intel CPUs

A team of academic researchers has shared an interesting study about how Intel CPUs can leak data to an adversary.

Specifically, they have devised an attack strategy dubbed PLATYPUS, which an adversary may use to extract information from Intel devices.

PLATYPUS is an acronym for “Power Leakage Attacks: Targeting Your Protected User Secrets”. As the name hints, the attack exploits differences in power consumption to steal secret data, such as cryptographic keys.

In brief, the PLATYPUS attack is a side-channel attack targeting Intel CPUs. What sets it apart is that it can be executed remotely via software; it does not require physical access to the target device.

An attacker can monitor the power consumption changes by exploiting Intel’s RAPL (Running Average Power Limit) interface. RAPL serves as a power meter that allows the user to monitor and manage the power consumption of the DRAM and CPU via software.

Since the driver implementation did not require any user privilege to access RAPL, an adversary could exploit the feature to steal secrets from Intel’s security enclaves.
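A defender-side check for the unprivileged RAPL access described above, added here as an example and not taken from the article, Intel, or the researchers. It assumes the Linux powercap sysfs layout (counter files named energy_uj under /sys/class/powercap), which the article does not name; the function name rapl_audit is hypothetical.

```shell
#!/bin/sh
# Added example: audit read access to RAPL energy counters on Linux.
# Assumptions (not from the article): counters are files named energy_uj
# under /sys/class/powercap, and a patched kernel leaves them readable by
# their owner (root) only.

# rapl_audit [ROOT]
# Prints "<OK|EXPOSED> <mode string> <path>" per counter.
# Returns 0 if all counters are owner-only, 1 if any is group/world
# readable, 2 if no counter was found under ROOT.
rapl_audit() {
    root=${1:-/sys/class/powercap}
    exposed=0
    # -L: zone entries in /sys/class/powercap are symlinks; depth 2 reaches
    # <zone>/energy_uj without walking the whole device tree.
    list=$(find -L "$root" -maxdepth 2 -name energy_uj 2>/dev/null) || true
    [ -n "$list" ] || return 2
    while IFS= read -r f; do
        perms=$(ls -ld "$f" | cut -c1-10)
        case $perms in
            ????r*|???????r*)   # group-read or other-read bit set
                exposed=$((exposed + 1))
                printf 'EXPOSED %s %s\n' "$perms" "$f" ;;
            *)
                printf 'OK %s %s\n' "$perms" "$f" ;;
        esac
    done <<EOF
$list
EOF
    if [ "$exposed" -gt 0 ]; then return 1; fi
    return 0
}

# Check the live system only when asked: sh rapl_audit.sh --check
if [ "${1:-}" = "--check" ]; then
    rapl_audit
    exit $?
fi
```

An EXPOSED line means any local user can read that counter; an exit status of 2 means the host exposes no powercap counters at the given root.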

As stated by the researchers,

We demonstrate that we can observe variations in the power consumption to distinguish different instructions and different Hamming weights of operands and memory loads, allowing inference of loaded values. PLATYPUS can further infer intra-cacheline control flow of applications, break KASLR, leak AES-NI keys from Intel SGX enclaves and the Linux kernel, and establish a timing-independent covert channel.

The following two videos demonstrate breaking KASLR and attacking the AES-NI respectively.

Patches Rolling Out Gradually

According to the researchers, the PLATYPUS attack can target all Intel devices regardless of the underlying operating system.

It means that these attacks also threaten Linux systems.

However, following the researchers’ report, Intel has worked to develop a patch.

As per their security advisory, Intel has patched two different vulnerabilities (CVE-2020-8694 and CVE-2020-8695) that could lead to a PLATYPUS attack.

Alongside releasing the fix, they have also confirmed no exploitation of the bugs in the wild.

The researchers have set up a dedicated website to describe the technical details of PLATYPUS. Moreover, they have also shared a research paper elaborating on their findings.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
