Researchers Suggest AMD Chips Subject to Cache Side-Channel Attacks
AMD processors have "cache way predictors" that can leak information when subjected to attacks, according to a paper (PDF) by university researchers.
Researchers from the Graz University of Technology in Austria and the University of Rennes in France described a so-called "Take A Way" method to extract secrets from an operating system kernel. They reverse-engineered AMD's L1D cache way predictor for the purpose, and created two side-channel attack techniques.
One of the attack techniques, called "Collide+Probe," was used to successfully leak a secret string on an "AMD Ryzen Threadripper 1920X" processor with a 99.5 percent success rate. The other attack technique, called "Load+Reload," is able to find the physical memory location in the L1D cache. It "allows an attacker to monitor memory accesses on a victim" as part of an attack.
"The key takeaway of this paper is that AMD's cache way predictors leak secret information," the researchers concluded. "Our attacks demonstrate that AMD's design is vulnerable to side-channel attacks," they added.
Prediction mechanisms are used by processors as a normal part of speeding up operations. However, researchers found a couple of years ago that such prediction could be exploited through side channels to extract information from systems, both Linux and Windows. These attacks were called "speculative execution side-channel attacks," and were given specific names based on their characteristics, such as "Meltdown" and "Spectre." All modern processors were said to be subject to such attacks to one degree or another.
Those revelations led to a joint industry patching effort by chip and operating system makers that has continued to this day. Various speculative execution side-channel attack methods have been described in recent years.
The issue with AMD's cache way predictors doesn't seem to be quite as acute a problem, though.
"Predictors are dangerous if an adversary can observe speculative operations," stated research paper coauthor Daniel Gruss in a March 6 Twitter post. "Way predictors look less dangerous than branch predictors for now. But also, branch predictors looked much less dangerous before #Spectre was discovered. Let's see what comes next."
The researchers had found issues in AMD's L1D cache way predictor in AMD's "microarchitectures from 2011 to 2019." They proposed a couple of possible countermeasures that AMD could take.
AMD responded in a March 7 security post that it was aware of a research paper "that claims potential security exploits in AMD CPUs" that could result in transmitting user data. It recommended that operating systems and firmware be kept up to date. No other measures were described. It described the findings as not new. The findings were "responsibly disclosed" to AMD on Aug. 23, 2019, the researchers had indicated in their report.
Research paper coauthor Vedad Hadžić was asked if existing mitigations would address the vulnerabilities. He indicated that they wouldn't.
"Well, no," Hadžić said in a March 8 Twitter post. "The way predictor still behaves like described in the paper. It leaks info on addresses and is not as severe as #Meltdown."
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.