A group of scientists from the Technical University of Graz (Austria), the University of Birmingham, and the Helmholtz Center for Information Security in Germany (CISPA) have revealed details of a new Platypus attack that allows stealing data from Intel processors.The name is an acronym derived from Power Leakage Attacks: Targeting Your Protected User Secrets.
The Platypus attack and related issues are tracked as CVE-2020-8694 (Linux + Intel), CVE-2020-8695 (Intel), and CVE-2020-12912 (Linux + AMD). It should also be noted that the study was conducted as part of a project that was partially funded by Intel.
The attack relies on the Running Average Power Limit (RAPL) interface of Intel processors, that is, it uses a component that allows firmware and applications to control CPU and DRAM power consumption.
Platypus enables discovering what data is being processed internally by the CPU by looking at RAPL values and at encryption keys, passwords, confidential documents, and other data. Typically, access to such information is protected by a variety of security systems, including KASLR (kernel address space randomization) and hardware-isolated environments such as Intel SGX. But Platypus allows bypassing the defense mechanisms, simply by observing the changes in energy consumption.
In the course of tests carried out by the researchers, it was found that in 20 seconds it was possible to bypass the KASLR by observing the power consumption in RAPL, and then get the data from the Linux kernel.
In another test, it was possible to obtain data that was processed in the protected enclaves of Intel SGX. The Platypus attack was extracting RSA private keys from the SGX enclave, which required tracking RAPL data for 100 minutes. In turn, it takes between 26 and 277 hours to extract AES-NI encryption keys from the SGX enclave and from the Linux kernel memory space.
While attacks are possible on Windows and macOS devices, in these cases, the Intel Power Gadget must be installed on the target machines in order for the attackers to interact with the RAPL interface.
However, Platypus attacks targeting Intel SGX enclaves work independently from the OS.
The worst news is that the Platypus attack can be carried out remotely. The attacker does not need physical access to the target machine; instead, the malicious code can be hidden inside the application, which will only have to be somehow installed on the victim’s machine.
Platypus works against Intel desktop and server processors, according to scientists. In addition, Intel engineers said the attack also affects some mobile and embedded processors.
A list of Intel processors that are vulnerable to the Platypus attack can be found here.
Intel has already prepared updated versions of the microcode that block Platypus attacks, and the company has already distributed them to manufacturers, who will soon include patches in updates for their products. The Linux kernel was also updated.
Moreover, most of the processors that Platypus endangers are the latest models supported by both Intel and device manufacturers. That is, updates will obviously arrive soon.
Of course, the Platypus authors did not have the opportunity to test all devices available on the market for vulnerabilities. However, other manufacturers use the RAPL interface in their products, so the researchers believe that they may be at risk too.
So, one of the specialists told ZDNet reporters that the research group had conducted a number of experiments on AMD processors, and also observed data leakage through power consumption. The same problem can affect ARM-based devices, and other manufacturers, including Nvidia, Marvell and Ampere, use solutions very similar to RAPL in their products.