
SoylentNews is people

posted by Fnord666 on Monday June 22 2020, @10:52AM
from the An-ear-to-the-wall dept.

What Is a Side Channel Attack?:

Modern cybersecurity depends on machines keeping secrets. But computers, like poker-playing humans, have tells. They flit their eyes when they've got a good hand, or raise an eyebrow when they're bluffing—or at least, the digital equivalent. And a hacker who learns to read those unintended signals can extract the secrets they contain, in what's known as a "side channel attack."

Side channel attacks take advantage of patterns in the information exhaust that computers constantly give off: the electric emissions from a computer's monitor or hard drive, for instance, that emanate slightly differently depending on what information is crossing the screen or being read by the drive's magnetic head. Or the fact that computer components draw different amounts of power when carrying out certain processes. Or that a keyboard's click-clacking can reveal a user's password through sound alone.

[...] For a sufficiently clever hacker, practically any accidental information leakage can be harvested to learn something they're not supposed to. As computing gets more complicated over time, with components pushed to their physical limits and throwing off unintended information in all directions, side channel attacks are only becoming more plentiful and difficult to prevent. Look no further than the litany of bugs that Intel and AMD have struggled to patch over the last two years with names like Meltdown, Spectre, Fallout, RIDL, or Zombieload—all of which used side channel attacks as part of their secret-stealing techniques.

The most basic form of a side channel attack might be best illustrated by a burglar opening a safe with a stethoscope pressed to its front panel. The thief slowly turns the dial, listening for the telltale clicks or resistance that might hint at the inner workings of the safe's gears and reveal its combination. The safe isn't meant to give the user any feedback other than the numbers on the dial and the yes-or-no answer of whether the safe unlocks and opens. But those tiny tactile and acoustic clues produced by the safe's mechanical physics are a side channel. The safecracker can sort through that accidental information to learn the combination.

[...] Attacks like Spectre and Meltdown left firms like Intel and other computer manufacturers in a cat-and-mouse game of chasing after their products' accidental information leaks, constantly releasing updates to hide data that's exposed in side channel attacks or pad it with other noise that makes it harder to decipher. As computers become more and more complex, and if the computing industry continues to prioritize performance over security, side channels will still appear, says Michigan's Genkin. In some cases like Spectre and Meltdown, researchers are even digging into years-old mechanics and pulling out secrets that were available for the taking all along—at least, for anyone who could decipher the accidental byproducts of a computer's processes.

"They were always there," says Genkin. "The reason you hear more and more about them is that as we dig further, we find more and more side channels to exploit. And as we find out just how bad they are, we are also learning how to defend against them."
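The safe-and-stethoscope picture from the article has a direct software counterpart, shown here as an added example that is not part of the article or the original submission. A combination check that stops at the first wrong digit gives off a "click" per correct digit, while one that always does the same work gives only the yes-or-no answer. The combination `4821`, the function names and the step counter (standing in for measurable time or power) are constructed for illustration.

```python
SECRET = "4821"  # constructed sample combination


def leaky_check(guess, secret=SECRET):
    """Early-exit compare. Returns (ok, steps); steps is the side channel."""
    steps = 0
    if len(guess) != len(secret):
        return False, steps
    for g, s in zip(guess, secret):
        steps += 1
        if g != s:
            return False, steps      # stops at the first wrong digit
    return True, steps


def constant_check(guess, secret=SECRET):
    """Same answer, but the work done does not depend on the guess."""
    diff = len(guess) ^ len(secret)
    steps = 0
    for i in range(len(secret)):
        g = guess[i] if i < len(guess) else "\0"
        diff |= ord(g) ^ ord(secret[i])   # accumulate, never branch
        steps += 1
    return diff == 0, steps


def recover_via_steps(check, length, alphabet="0123456789"):
    """Listen to the step count only. Returns (combination or None, queries)."""
    known, queries = "", 0
    for pos in range(length):
        pad = alphabet[0] * (length - pos - 1)
        seen = {}
        for d in alphabet:
            ok, steps = check(known + d + pad)
            queries += 1
            if ok:
                return known + d + pad, queries
            seen[d] = steps
        best = max(seen, key=seen.get)
        if list(seen.values()).count(seen[best]) != 1:
            return None, queries     # no digit stands out: nothing leaked
        known += best
    return None, queries


if __name__ == "__main__":
    print(recover_via_steps(leaky_check, 4))     # found in tens of queries
    print(recover_via_steps(constant_check, 4))  # the observer learns nothing
```

Without the leak, a 4-digit combination takes up to 10,000 guesses; with it, at most 40. In real Python code the hardened comparison is `hmac.compare_digest` rather than a hand-written loop.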


  • (Score: 0) by Anonymous Coward on Monday June 22 2020, @04:53PM (#1011152)

    I only pay a cursory amount of time on these stories, but the ones I recall all pretty much require the conditions to be very very restricted. You basically need to be within a few centimeters of the computer or something like that, and that these attacks "work" in the literal sense, but in a practical sense they don't have a shot.

  • (Score: 2) by Rupert Pupnick (7277) on Monday June 22 2020, @06:21PM (#1011191)

    Agreed—for most of these overhyped side channel attacks (especially via the power supply) you need some serious instrumentation that would probably take up a lab cart or two. If you have that kind of access to a target system, you’ll get much better results just trying to go in the front door, so to speak.

    • (Score: 2) by TheReaperD (5556) on Monday June 22 2020, @08:40PM (#1011238)

      Well, tricks like reading the sound waves from the power supply are mostly only for lab tests, the CIA and the KGB (oh, right, FSB). If you're not a target of one of the three, you can pretty much ignore this crap.

      --
      Ad eundum quo nemo ante iit
      • (Score: 0) by Anonymous Coward on Monday June 22 2020, @11:57PM (#1011316)

        Heartbleed & ilk actually impact many folks. Weaponization wasn't limited to state actors.

        (bah apparently this isn't long enough, or some other filter blocks post?)