Researchers at Finland's Tampere University of Technology and Cuba's Technical University of Havana have discovered a new vulnerability in Intel processors that can allow attackers to leak encrypted data from the internal process of a central processing unit (CPU).
The researchers classified the PortSmash vulnerability as a side-channel attack that leaks encrypted data from the CPU.
The attack works by recording and analyzing discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional information that may be used to break encryption algorithms and recover the CPU's processed data.
PortSmash impacts all CPUs that use a Simultaneous Multithreading architecture, which allows multiple computing threads to be executed at the same time on a single CPU core.
Said Tampere University's Billy Brumley, "We detect port contention to construct a timing side-channel to exfiltrate information from processes running in parallel on the same physical core."
View Full Article
Abstracts Copyright © 2018 Information Inc., Bethesda, Maryland, USA