
  • S_x96x_S

    addikt

    Friday evening - AMD security issue; I hope there will be a fix for it
    (Interesting detail: the research was partly sponsored by Intel[1])

    TLDR: "Our attacks demonstrate that AMD’s design is vulnerable to
    side-channel attacks. However, we propose countermeasures in software
    and hardware, allowing to secure existing implementations and
    future designs of way predictors."
    [1] "Additional funding was provided by generous gifts from Intel."

    It's nice of Intel to spend money on the security of AMD chips ;]

    ----------
    AMD | Security and privacy → Side-channel analysis and
    countermeasures; Operating systems security.
    https://t.co/gQ4cN9PYsX?amp=1 (PDF)
    "Take A Way: Exploring the Security Implications of AMD’s
    Cache Way Predictors"

    "To optimize the energy consumption and performance of their
    CPUs, AMD introduced a way predictor for the L1-data (L1D) cache
    to predict in which cache way a certain address is located.
    Consequently, only this way is accessed, significantly reducing the
    power consumption of the processor.
    In this paper, we are the first to exploit the cache way
    predictor. We reverse-engineered AMD’s L1D cache way predictor in
    microarchitectures from 2011 to 2019, resulting in two new attack
    techniques. With Collide+Probe, an attacker can monitor a
    victim’s memory accesses without knowledge of physical addresses
    or shared memory when time-sharing a logical core. With
    Load+Reload, we exploit the way predictor to obtain highly-accurate
    memory-access traces of victims on the same physical core. While
    Load+Reload relies on shared memory, it does not invalidate the
    cache line, allowing stealthier attacks that do not induce any
    last-level-cache evictions.
    We evaluate our new side channel in different attack scenarios.
    We demonstrate a covert channel with up to 588.9 kB/s, which we
    also use in a Spectre attack to exfiltrate secret data from the kernel.
    Furthermore, we present a key-recovery attack from a vulnerable
    cryptographic implementation. We also show an entropy-reducing
    attack on ASLR of the kernel of a fully patched Linux system, the
    hypervisor, and our own address space from JavaScript. Finally, we
    propose countermeasures in software and hardware mitigating the
    presented attacks."
