Researcher Names: Riccardo Paccagnella
Link: https://arxiv.org/abs/2103.03443
This research is the first to show that contention on the ring interconnect can be exploited to build practical side channel attacks. This is something that was not considered feasible until now, mainly because of the complexity and opaque design of on-chip interconnects and the fact that on-chip interconnects are noisy and coarse-grained channels.
Lord of the Ring(s) thoroughly reverse engineers the ring interconnect to reveal the precise conditions under which it is susceptible to contention. It then demonstrates interconnect-based side channel attacks that can leak cryptographic keys and user keystrokes. If that’s not enough, Lord of the Ring(s) throws in a covert channel with a capacity of over 4 Mbps for extra pizzazz, which is faster than all prior channels that do not rely on shared memory. Importantly, unlike previous attacks, these attacks do not rely on sharing memory, cache sets, core-private resources, or any specific uncore structures.
As a consequence, mitigations are almost impossible using existing “domain isolation” techniques. This work will open up a new line of research that explores microarchitectural attacks and defenses on on-chip interconnects.