6.5950 Lecture 2

Side Channels

Examples of Side Channels

1. Acoustic Side Channels

  • Monitor keystroke
  • Hard Drive Disk Spinning
  • “Hear” the screen
    • LCD Panel, Power supply board, digital logic and image rendering board

2. Cats

  • Cats love heat, sit next to computer

3. Network Side Channels

  • Website fingerprinting

Let’s say you are a user trying to talk to a remote server. Security within the connection very important. Generally want to encrypt message (HTTPS). However, metadata can give us enough info.

Case in point: iSideWith.com

Answer quiz questions, get candidate you are siding with. Encrypt quiz answers, encrypt candidate picture, not name. However, used large size for Trump picture, low size for Hillary picture, easy to distinguish who was actually voted for. Above is an example of side channel.

4. Timing Side Channels

Password: 128 digits To brute force, need 10128 guesses. If can check individual digits, through early termination, only need 10*128 guesses. How can we avoid the side channel that allows us to check these individual characters? Similar to vulnerability in Libgcrypt’s Montgomery ladder.

5. Microarchitectural Channels

When resources on same machine shared, can use timing, perf counters, etc. This classes focuses on microarchitectural channels.

Example: spinning disk attack to figure out which track a secret is on, as spinning disk uses elevator scheduling batching algorithm.

Attack Demo

Assume larger buffers, hundreds of MBs (so we’re using DRAM)

Sender:

while (1) {
1. Allocate buffer
2. Access buffer
3. Free buffer
sleep(5)
}

We have to access the buffer to bypass lazy allocation. We should write, not read, to trigger copy-on-write. Reading would just read 0’s, from a page that is used when no usage has actually taken place.

Receiver:

1. Allocate buffers A, B
2. Access the buffers
3. for every second
  alternate between measuring latency for accessing buffer A vs B

We use taskset to set these two programs to different cores, so that they’re not contending via context switch. Very hard to make the programs to stress the DRAM, potential ways:

  1. Cache (unlikely, check using perf)
  2. DRAM contention (unlikely, prof says so, as allocating buffer outside while loop did not change much)
  3. TLB (unlikely with just sender, 256MB overflows TLB with 65k pages)
  4. PCI bus
  5. Swap

In the end we show that it was actually TLB misses + flushes together once the sender and receiver programs are both running.

 Date: February 5, 2025
 Tags:  lecture
 Related Posts:
6.5950 Lecture 1
Docker 101
6.5830 Lecture 1 (WIP)

Previous:
⏪ 6.5950 Lecture 1