Remote Spectre exploits demonstrated
We show that memory access latency, in general, can be reflected in the latency of network requests. Hence, we demonstrate that it is possible for an attacker to distinguish cache hits and misses on specific cache lines remotely, by measuring and averaging over a larger number of measurements. Based on this, we implemented the first access-driven remote cache attack, a remote variant of Evict+ Reload called Thrash+Reload. Our remote Thrash+Reload attack is a significant leap forward from previous remote cache timing attacks on cryptographic algorithms. We facilitate this technique to retrofit existing Spectre attacks to our network-based scenario. This NetSpectre variant is able to leak 15 bits per hour from a vulnerable target system." Other attacks described in the paper are able to achieve higher rates.
(Log in to post comments)
Remote Spectre exploits demonstrated
Posted Jul 27, 2018 14:48 UTC (Fri) by martin.langhoff (guest, #61417) [Link]
Remote Spectre exploits demonstrated
Posted Jul 27, 2018 16:31 UTC (Fri) by jcm (subscriber, #18262) [Link]
Remote Spectre exploits demonstrated
Posted Jul 30, 2018 7:54 UTC (Mon) by jk (subscriber, #31383) [Link]
> We used `stress -i 1 -d 1` for the experiments, to simulate a
> realistic environment. Although we would have expected our attack
> to work best on a completely idle server, we did not see any negative
> effects from the moderate server loads. In fact, they even slightly
> improved the attack performance
(section 6.3)
Remote Spectre exploits demonstrated
Posted Jul 30, 2018 11:27 UTC (Mon) by rweikusat2 (subscriber, #117920) [Link]
Remote Spectre exploits demonstrated
Posted Aug 2, 2018 8:16 UTC (Thu) by timokokk (subscriber, #52029) [Link]
Remote Spectre exploits demonstrated
Posted Jul 27, 2018 23:26 UTC (Fri) by jcm (subscriber, #18262) [Link]
