Why it matters: PortSmash is a dangerous side-channel vulnerability that exploits simultaneous multi-threading to steal cryptography keys and determine what a processor core is doing. While it’s only been confirmed to work on Intel’s Kaby Lake and Skylake platforms so far, it’s “strongly suspected” to work on all processors with hyperthreading including AMD’s.
Simultaneous multi-threading (SMT) creates two logical cores for each physical core, but the two logical cores can see a surprising amount of what the other is doing. PortSmash based malware is designed to operate on the parallel logical core to the targeted, legitimate process. It then records all the data that leaks from the legitimate process – mostly operation times – and then reconstructs what the other core is doing. It’s suspected to be able to steal a variety of information, but it’s most effective in accessing cryptography keys because of the way a processor calculates them.
A very similar vulnerability that also uses (SMT) multi-threading as a weak point was TLBleed, disclosed in June. That was able to determine a 256-bit cryptography key in a little over 17 seconds using just two milliseconds of data. PortSmash may or may not be slower, but it’s potentially even more versatile.
“PortSmash is highly portable and its prerequisites for execution are minimal, i.e., does not require knowledge of memory cache-lines, eviction sets, machine learning techniques, nor reverse engineering techniques. PortSmash definitely does not need root privileges,” Billy Bob Brumley, a PortSmash researcher, revealed in a blog post. “Just user space.”
Brumley, along with his team of four other researchers hailing from universities in Finland and Cuba, believes that server infrastructure could suffer the most. “Personally speaking, I feel remote login scenarios are the biggest targeted threat,” he said. For example, when a malicious user logs in to a website, they could use PortSmash to determine the cryptography key used by the website. They could then hack into the server and steal its data.
There’s no need to panic yet, however. OpenSSL, the cryptography library used by over 60% of the internet, has already released a patch that prevents access via this direct method. A more generalized patch may be coming soon they say, but the security researchers say something needs to be done on the hardware and BIOS front. They notified Intel of the vulnerability on October 1st.
Unfortunately, Intel won’t comply.
“This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.”
Basically, they say that libraries like OpenSSL should be able to prevent security breaches themselves. AMD is still considering their position.
“At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise. We are investigating the PortSmash side-channel vulnerability report, which we just received, to understand any potential AMD product susceptibility.”
Brumley and his team maintain that ending hyperthreading is simply the only way to stay secure. Even if PortSmash isn’t the vulnerability that results in computers everywhere being breached, then it will be some other multi-threaded vulnerability, they say. “This is the main reason we released the exploit — to show how reproducible it is,” Brumley told ZDnet, “and help to kill off the SMT (Simultaneous Multi-Threading) trend in chips. Security and SMT are mutually exclusive concepts. I hope our work encourages users to disable SMT in the BIOS or choose to spend their money on architectures not featuring SMT.”
The loss of simultaneous multi-threading would be massively damaging to performance, and ridiculously expensive to companies. It’s safe to say that it will never happen, at least in the server space. Brumley does concede that there are other approaches that could be implemented in future processors and operating system updates, but says that those will still have a noticeable performance hit and will be expensive.
If you’re curious to play around with PortSmash (not recommended) the researchers have released a proof of concept on Github. It’s capable of stealing an OpenSSL P-384 private key from a TLS server running OpenSSL software that hasn’t been updated to 1.1.1 yet.
A detailed paper on the topic, called Port Contention for Fun and Profit, will be released in the coming days. Whether or not PortSmash and other hyperthreading vulnerabilities will one day bring down half the internet remains to be seen. I personally have faith in Intel’s decision not to implement hardware protections – there’s simply so much of their income at risk that they wouldn’t dare ignore an issue if it was that serious.
For the average user though, standard malware remains a much more concerning issue and the PortSmash vulnerability is easily averted by avoiding downloading suspicious files.