OpenBSD's decision to disable Intel's Hyper-Threading technology by default appears to have been built on a sound foundation, with details of a key-leaking exploit dubbed TLBleed appearing in public for the first time.
OpenBSD developer Mark Kettinis raised eyebrows last week by publishing a patch to disable Intel's Hyper-Threading technology by default, following concerns over the possibility that data could be exfiltrated from a supposedly 'secure' thread by another thread running on the same physical core.
While Kettinis did not share details of any potential exploit against the Hyper-Threading system, his patch appears to have been prescient: A team of security researchers have confirmed a vulnerability dubbed TLBleed which exploits Hyper-Threading in exactly the manner of which Kettinis warned. Far from theoretical, the attack is extremely effective: The researchers claim to have a 98 percent success rate in recovering a 256-bit EdDSA encryption key after a single signing operation.
Details of the flaw are to be made public later this week ahead of the team's presentation at the Black Hat USA security conference in August. The Register, however, has viewed the team's research paper, and confirms its details while stating that it is non-trivial to exploit - thus not of the same level of concern as this year's earlier Spectre and Meltdown vulnerabilities.
Reply With Quote
Bookmarks