Today's devices have been hardened against countless software attacks, but a new exploit called Plundervolt uses physical means to compromise the security of a chip. By tampering with the amount of power supplied to the chip, an attacker can trick it into revealing its innermost secrets.
It should be noted at the outset that while this is not a flaw on the scale of Meltdown or Spectre, it is a powerful and unusual bug that could lead to changes in chip design.
There are two important things to know to understand how Plundervolt works.
The first is simply that chips today follow very precise and complex rules about how much power they consume at a given moment. They don't simply run at full power around the clock; that would drain your battery and generate a lot of heat. Part of designing an efficient chip is making sure the processor gets exactly the power it needs for a given task – nothing more, nothing less.
The second is that Intel's chips, like many others today, have a so-called secure enclave, a special quarantined area of the chip where sensitive operations such as cryptographic processing take place. The enclave (referred to here as SGX) is inaccessible to normal processes. Even if the computer is thoroughly hacked, the attacker cannot access the data it contains.
The creators of Plundervolt were intrigued by recent work by curious security researchers who had reverse engineered the hidden channels through which Intel chips manage their own performance.
Hidden, but not inaccessible, it turns out. If you have control of the operating system (for which plenty of attacks exist), you can access these "model-specific registers" that control the chip's voltage and tweak them to your heart's content.
However, modern processors are so carefully tuned that such tweaking generally just causes the chip to malfunction. The trick is to tweak it into precisely the kind of malfunction you want. And because the entire process takes place inside the chip itself, protections against external tampering don't apply.
The Plundervolt attack does just that, using the hidden registers to slightly alter the voltage supplied to the chip at the exact moment the secure enclave performs an important operation. In this way, the attackers can trigger predictable errors inside SGX and, through these carefully controlled faults, cause SGX and related processes to reveal privileged information. It can even be carried out remotely, though of course that requires full access to the operating system.
In a way, it's a very primitive attack: the chip gets hit at the right moment and spits out something valuable, like a gumball machine. But of course it's also quite sophisticated, since the "hit" is a millivolt-scale electrical manipulation that must be applied in exactly the right microsecond.
The researchers say this can be mitigated by Intel, but only through updates at the BIOS and microcode level. Fortunately, critical systems can verify that the fix has been applied when establishing a trusted connection with another device.
Intel, in turn, downplayed the severity of the attack. "We are aware of publications by various academic researchers who have found interesting names for this theme, including 'VoltJockey' and 'Plundervolt.' We do not know that any of these problems occur in nature, but as always, we recommend installing security updates as soon as possible."
Plundervolt is one of several recent attacks that have exploited the evolution of computer hardware in recent years. Increased efficiency usually means increased complexity, which means greater surface area for such non-traditional attacks.
The researchers who discovered and documented Plundervolt come from the University of Birmingham in the UK, the Graz University of Technology in Austria and KU Leuven in Belgium. They will present their work at IEEE S&P 2020.