Intel allayed concerns over the possibility of hackers using a vulnerability in its Hyperthreading technology to steal cryptographic keys from compromised servers.
According to Colin Percival, a computer security researcher at Oxford University, processes that share the processor’s cache memory could allow an attacker to discover keys by running a malicious thread running with limited privileges that monitors the execution of another thread running on the same processor.
This spy process measures the time taken for cache operations and from that can work out what the other process is doing. As Percival observed, this is a “footprint in the cache”.
“Caches have already been demonstrated to be cryptographically dangerous,” said Percival. “Having caches shared between threads provides a vastly more dangerous avenue of attack.”
But a spokesman for Intel countered this suggestion and said the problem was a minor one that it knew about as early as March when the author of the report contacted Intel.
“It’s not unique to the Hyperthreading platform,” said Howard High, spokesman for Intel. “Timing exploits has been known to the security community since the mid-nineties. From a real world standpoint the attack is not practical.”
High added that the attack could only work on a server that has already been compromised to allow hackers to install a spy process. “A remote attacker could find simpler ways of stealing data than this,” he said.