Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 6 Mar 2019 21:35:17 +0100
From: Mathias Payer <>
Subject: Transient execution attacks leveraging port contention

Hi there,

# Intro

We (a team of researchers from EPFL and IBM Research) are releasing details
about a new transient execution attack that leaks secrets from an uncooperating
process through a combination of speculative execution (we use branch target
injection) and port contention (for SMT threads).

# SMoTherSpecre

We introduce SMoTher, a port-based side channel that leaks information on what
instruction sequences were executed by the victim due to port contention. We
precisely characterize and measure this side channel.

Second, we combine SMoTher with a speculative execution attack to leak register
values or memory values (that are likely in caches). We call the combined side
channel SMoTherSpectre.

Our attack requires two gadgets: a BTI gadget that speculatively redirects
execution to a SMoTher gadgets that, through port contention, leaks which branch
was taken. By competing for execution ports, the attacker measures if the JCC in
the SMoTher gadget was either taken or not taken (based on the execution
profiles of either branch).

We first analyze the capabilities of this transient execution attack and find
that we can guess one bit with 60% probability (on one try) and 98% probability
(on 9 tries). Second, we target OpenSSL where we leverage an indirect call that
selects the cipher to encrypt/decrypt as BTI target to compare individual bytes
of the plaintext to zero (through a SMoTher gadget).

See the blog post for more details:
The paper draft is at:
The PoC is at:
In our PoC we target Intel Skylake 6700 CPUs.

# Disclosure

We discovered SMoTher in June 2018 and SMoTherSpectre in November 2018. We
disclosed the details and PoC to Intel early December 2018. Our IBM research
collaborators finished the internal disclosure process on February 28.

# Credit

Atri Bhattacharyya, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro
Sorniotti, Babak Falsafi, Mathias Payer, and Anil Kurmus

As always, feedback, comments, and discussions are welcome.

Mathias (and all collaborators)

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.