Security Blog Shield




Bookmark and Share

Recent Posts

How Secure Service Containers Can Help With Side-Channel Attacks

December 6, 2018

Recently, I stayed at the Drury Plaza hotel in Pittsburgh. At one time, it was a federal reserve bank. The vaults, with their very impressive doors, are still there. The display includes windows that show the construction of the walls of the vault. It’s easy to forget about them, being buried underground. Had the unseen walls not been reinforced, crooks could have tunneled into the vaults, ignoring the impressive doors altogether.

In computing, that sort of approach to breaching a secure perimeter—where the defenses aren’t attacked head on by brute force, but by exploiting mistakes in implementation—is known as a “side-channel” attack.

One important tool in computing security is encryption. The Advanced Encryption Standard (AES) protects internet traffic, as well as encrypted data in databases. A brute force attack would take far longer than the universe is old to guess the correct AES 256-bit key. So, the bad guys resort to side-channel attacks. 

Side-Channel Attacks Can Vary 

“Heartbleed” is an example of a side-channel attack that exploited a flaw in the implementation of Transport Layer Security (TLS) provided by the popular OpenSSL package. In simple terms, the client of a web server could make a request with an oversized buffer. The size of the buffer wasn’t checked on the server. As a result, not only was the answer to the request placed in the buffer, but information that was in memory from other requests made by other clients was present in the buffer as well. In this way, the server was tricked into leaking potentially sensitive information; it was not necessary to break the TLS encryption to access the data.

While Heartbleed didn’t require a presence on the server, other side-channel attacks do. “Prime and Probe” is an attack that can extract encryption keys from Intel Software Guard Extensions (SGX) enclaves that are supposed to be cryptographically secure regions of memory for code and data. It measures the time required to access areas of memory to determine its location, and cache will be quicker to access than main memory. Measuring the time required to access memory can reveal what is still in cache and what has been evicted to make room for enclave encryption, leaking information about the key. The attack can yield results in minutes.

Other side-channel attacks have exploited characteristics of computers themselves. “Row Hammer” took advantage of the implementation of memory from certain computers by flipping rows of memory bits on and off, attempting to affect nearby bits electrically. This attack could affect enough bits to overwhelm the mechanisms that normally protect memory from accidental bit-flipping due to cosmic rays and other causes. Row Hammer was used successfully for privilege escalation on the x86-64 architecture.

Other vectors abound. One is the imaginatively named “Evil Maid” attack that takes advantage of the ability to modify the boot partition of an offline system so malware is injected next time the system is brought up. 

How to Protect Yourselves From Side-Channel Attacks 

One can develop requirements for an environment that minimizes the opportunity for side-channel attack.

To reduce threats like Heartbleed, interaction with the environment and the work it hosts should be restricted, to whatever extent possible, to functional access—access required for the business operation of the application—by authorized users only. Obviously, commercial websites must welcome all comers, but not all applications are commercial websites.

Threats that require malware to be running on the server, like Prime and Probe, could be reduced by eliminating vectors like non-functional access to the OS itself. Unused services shouldn’t be running, network ports shouldn’t be open and login shouldn’t be possible.

Evil Maid and other exploits that require modifying file systems can be reduced by encrypting file systems that can be encrypted, and by verifying the integrity of file systems and files of those that cannot.

Securing Workloads With Secure Service Containers 

IBM can also secure workloads in this way with Secure Service Container technology on IBM Z and LinuxONE. Data, both at rest and in flight, is encrypted automatically. Additionally, features that secure it from side-channel attacks include:
  • EAL5+ isolation that’s as good as an air-gapped server. Malware can’t run next to enterprise applications in any exploitable way.
  • A locked down environment, exposing only RESTful APIs for the application and its administration. Neither administrators nor the bad guys have direct access to the OS.
  • Verified integrity of boot components.
  • Hardware that’s resistant to attacks like Row Hammer, with features like the Redundant Array of Independent Memory (RAIM) from IBM Z and LinuxONE. 
In a world filled with side-channel attacks, it’s not sufficient to simply encrypt data and ignore the environment around that encrypted data. Secure Service Containers go beyond encrypting data, and remove attack vectors that attempt to go around that encryption. 

Mark A. Moore is a software architect in IBM's IT Economics and Research team, focusing on data security.

Posted December 6, 2018| Permalink

comments powered by Disqus