Hackers to Obtain Crypto Keys
November 11, 2020
international team of security researchers, including experts from the
University of Birmingham, is presenting new side-channel attacks, which
use fluctuations in software power consumption to access sensitive data
on Intel CPUs.
Power side-channel attacks are attacks that exploit fluctuations in
power consumption to extract sensitive data such as cryptographic keys.
Because power measurements by malware were previously very inaccurate,
such attacks required physical access to the target device and special
measurement tools such as an oscilloscope.
The project, called PLATYPUS, is led by the Institute of Applied
Information Processing and Communications at Graz University of
Technology together with the University of Birmingham, UK and the
Helmholtz Center for Information Security (CISPA), shows a method that
allows power side-channel attacks that can access sensitive data with
unprecedented accuracy – even without physical access.
The team have demonstrated their method can affect devices including
desktop PCs, laptops and cloud computing servers from Intel and AMD.
Dr David Oswald, Senior Lecturer in Cyber Security at the University of
Birmingham, says: “PLATYPUS attacks show that power side channels –
which were previously only relevant to small embedded devices like
payment cards – are a relevant threat to processors in our laptops and
servers. Our work connects the dots between two research areas and
highlights that power side channel leakage has much wider relevance than
RAPL interface and SGX enclaves as key
The researchers used two key approaches. In the first, they used the
RAPL interface (Running Average Power Limit), which is built into Intel
and AMD CPUs. This interface monitors the energy consumption in the
devices and ensures that they don’t overheat or consume too much power.
RAPL has been configured so that power consumption can be logged even
without administrative rights. This means that the measured values can
be read out without any authorizations.
In the second approach, the group misuses Intel's security function
Software Guard Extensions (SGX). This functionality moves data and
critical programs to an isolated environment (called an enclave) where
they are secure - even if the normal operating system is already
compromised by malware.
Combination leads to (un)desired result
The researchers combined these two techniques in their methods of
attack. Using a compromised operating system targeting Intel SGX, they
made the processor execute certain instructions tens of thousands of
times within an SGX enclave. The power consumption of each of these
commands was measured via the RAPL interface. The fluctuations in the
measured values finally allow to reconstruct data and cryptographic
In further scenarios, the researchers also show that even attackers
without administrative rights can attack the operating system and steal
secret data from it.
New security updates resolve the threat
TU Graz computer scientists Moritz Lipp, Andreas Kogler and Daniel Gruss
together with their ex-colleague Michael Schwarz (researching at CISPA
in Saarbrücken since summer 2020) and with David Oswald from the
University of Birmingham informed Intel about their discoveries in
November 2019. The company has now developed solutions that users should
definitely adopt. A security update for operating systems permits access
to the RAPL measurement functions only with administrator rights. And
further updates for the affected processors themselves ensure that the
power consumption is returned in such a way that the subtle differences
in the power consumption of programs are no longer visible.
This research is anchored in the Field of Expertise “Information,
Communication & Computing”, one of the five research foci of Graz
University of Technology.