Endpoint Security: Collide+Power Side-Channel Attack
Overview
A group of researchers from Graz University of Technology in Austria and the CISPA Helmholtz Center for Information Security in Germany has discovered a new power side-channel attack called Collide+Power. This attack can be used to obtain sensitive information from nearly any modern CPU, including those from Intel, AMD, and Arm. The researchers have compared Collide+Power to the notorious Spectre and Meltdown vulnerabilities, as well as a vulnerability known as Microarchitectural Data Sampling (MDS). While Collide+Power is not a processor vulnerability itself, it takes advantage of shared CPU components to combine the attacker’s data with data from user applications.
Method of Attack
The Collide+Power attack involves measuring the power consumption of a CPU over thousands of iterations while changing the data controlled by the attacker. By analyzing power consumption patterns, the attacker can determine the data associated with user applications. This attack can be executed by an unprivileged attacker, potentially through malware planted on the targeted device. The attacker can use Collide+Power to obtain valuable data such as passwords or encryption keys.
Implications and Mitigations
Although the Collide+Power attack has significant implications in theory, the data leakage rates observed by the researchers are relatively low. It would take several hours to obtain a password and several days to obtain an encryption key at the leakage rate achieved in their experiments. In real-world attack simulations, the researchers encountered practical limitations that significantly lowered leakage rates. Nonetheless, the research highlights potential issues and calls for further investigation.
Preventing data collisions at the hardware level would require the redesign of general-purpose CPUs, which is a challenging task. However, mitigations can be implemented to prevent attackers from observing power-related signals, which would effectively protect against all power side-channel attacks. It is crucial for users and organizations to ensure their devices are protected against malware and other malicious software that could be used to execute Collide+Power attacks.
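One way to check whether a Linux host lets unprivileged code observe a power-related signal, as an added example that is not from the researchers or the original article: it audits the permissions on the kernel's powercap energy counters. The sysfs path, the energy_uj file name and the 0400 recommendation are assumptions about the platform, not details given above.

```python
import stat
import sys
from pathlib import Path

# Assumption (not from the article): the Linux powercap sysfs tree is the
# software-readable power interface being audited.
POWERCAP_ROOT = Path("/sys/class/powercap")
COUNTER_NAME = "energy_uj"  # cumulative energy counter exposed per power zone


def classify(mode):
    """Map a file mode to who, besides the owner, may read the counter."""
    if mode & stat.S_IROTH:
        return "world-readable"
    if mode & stat.S_IRGRP:
        return "group-readable"
    return "owner-only"


def audit_power_counters(root=POWERCAP_ROOT, counter_name=COUNTER_NAME):
    """Return [(path, permission string, exposure)] for every zone counter under root."""
    root = Path(root)
    if not root.is_dir():
        return []  # interface absent: nothing for unprivileged code to read here
    report = []
    for zone in sorted(root.iterdir()):
        counter = zone / counter_name  # zone entries are symlinks; stat follows them
        if counter.is_file():
            mode = counter.stat().st_mode
            report.append((str(counter), stat.filemode(mode), classify(mode)))
    return report


def exposed(report):
    """Counters that any non-owner account can read."""
    return [row for row in report if row[2] != "owner-only"]


if __name__ == "__main__":
    rows = audit_power_counters()
    for path, perms, exposure in rows:
        print(f"{perms}  {exposure:15}  {path}")
    bad = exposed(rows)
    if bad:
        print(f"{len(bad)} counter(s) readable without root; restrict to 0400", file=sys.stderr)
    sys.exit(1 if bad else 0)
```

The script exits non-zero when any counter is readable by a non-owner account, so it can run as a compliance check across a fleet.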
Expert Opinion
The discovery of the Collide+Power attack serves as a reminder of the ongoing battle between attackers and security researchers. As CPUs continue to evolve, new vulnerabilities and attack methods are discovered. The fact that Collide+Power can target nearly any modern CPU highlights the importance of constantly improving and updating security measures. While the current data leakage rates are relatively low and the attack is unlikely to be used against end users in the wild, it is essential for researchers, chipmakers, and software developers to collaborate and implement appropriate mitigations to protect against potential future threats.
Conclusion
The Collide+Power attack is a new power side-channel attack that can be used to obtain sensitive information from nearly any modern CPU. While the current data leakage rates are relatively low and the attack is not likely to be deployed against end users in the wild, it highlights potential issues that need to be addressed. Redesigning general-purpose CPUs to prevent data collisions at the hardware level is a complex task, but mitigations can be implemented to prevent attackers from observing power-related signals. Users and organizations should remain vigilant against malware and other malicious software that could be used to execute Collide+Power attacks. The ongoing battle between attackers and security researchers underscores the need for constant improvement and collaboration within the cybersecurity community.