Security news that informs and inspires

NetSpectre Highlights New Ways to Exploit Speculative Execution

By

NetSpectre may not be an immediate threat, but the research helps us understand microprocessor architecture better.

Spectre and Meltdown were the first examples of a new category of micro-architectural vulnerabilities in modern processor chips, and it was well-understood that there would be more. In the latest research, security researchers from Austria’s Graz University of Technology have developed a way to exploit speculative-execution design flaws over a network connection.

One reassuring thing about the various Spectre-related attacks devised thus far was that the malicious code would have to run locally on the targeted machine to potentially extract secrets such as passwords and keys from computer memory. NetSpectre showed that a service running the exploit code could establish a remote network connection to the targeted machine in order to—theoretically—pull the contents out of application memory.

With most vulnerabilities, the fact that it can be exploited remotely would move the flaw up higher on the critical scale. That isn’t the case with NetSpectre, because it is an extremely slow attack, leaking 15 bits per hour, or 60 bits an hour via an AVX-based covert channel. It could take days to find and gather secrets such as encryption keys or authentication tokens.

“Current attacks are very impractical and would likely not apply well in real-world scenarios,” said Mikhail Davidov, senior security researcher at Duo Security.

Novel Methods

Speculative execution is a core feature added to modern processors to boost performance. The processor tries to guess what instructions the program wants to call next and begins executing potential paths even before the program gets to that point. The program takes the results from the correct path and the processor discards the other paths.

Spectre is a timing attack that measures differences in cache performance to extract data from cache before the paths are discarded. NetSpectre measures the time taken to execute instructions over the network.

“The attacker only sends a series of crafted requests to the victim and measures the response time to leak a secret value from the victim’s memory,” the researchers wrote in the paper.

The Graz team developed two methods for NetSpectre. In the first method, the attackers makes the remote system perform a large data transfer, such as a file download, to fill the cache with useless data. The attacker calls the attack code to speculatively load some value in the processor’s cache, and measures the difference in the microarchitectural state.

The second method doesn’t use cache at all, and instead looks at the AVX2 vector instruction set on certain Intel processors. The processor powers down those units when not in use, so running an AVX2 instruction takes longer if the units were fully powered down compared to if they were on. The attacker can measure these small performance differences over a network.

Network latency, which is the time it takes the requests to move through the network, matters because the measurements themselves are so small. Researchers needed about 100,000 measurements on a local network to figure out the value of a single bit. To make the attack reliable and consistent, they used one million measurements per bit, or an overall data extraction rate of about one byte every 30 minutes. Over a remote network to a system hosted in Google Cloud, the researchers needed 20 million measurements for each bit, and the data rate dropped to one byte every hour for the cache side channel.

The precise timing and constant measurement required for NetSpectre makes it likely that noisy network environments would hamper execution. The research team’s proof-of-concept doesn’t reflect real-world situations, as the servers weren’t dealing with real traffic. The attack code was on a purpose-built application with only a single use. If the application had been dealing with a “real load” and not ideal network conditions, it would have slowed the attack down even further, Davidov said.

“Each network hop between switches adds entropy to the latency of the overall request,” Davidov said. Trying to execute the attack over the Internet “might make it impossible to execute.”

Research Impact

With the original Spectre and Meltdown attacks, cloud hosts were vulnerable, and browsers were vulnerable to sites with specially-crafted JavaScript. With this remote variant, the biggest risk would be if the attackers want highly targeted data extraction, such as a portion of an encryption key. The cache side channel can be used to leak memory addresses to defeat ASLR (address space layout randomization). With ASLR out of the picture, the attacker can exploit other flaws in the target system.

There is no known malware exploiting NetSpecture, or other Spectre and Meltdown variants.

We are getting too far into the weeds with these types of attacks—there are too many conditions for them to be practical,” said Mounir Hahad, Head of Threat Research at Juniper Networks. "Threat actors have access to much easier tools to compromise victims—they won’t need to deal with the complexity and uncertainty of a network-based Spectre attack.

Spectre’s countermeasures are effective for NetSpectre. If the system is fully patched against Spectre, it also blocks NetSpectre attacks. “NetSpectre is an application of Bounds Check Bypass (CVE-2017-5753), and is mitigated in the same manner—through code inspection and modification of software to ensure a speculation stopping barrier is in place where appropriate,” Intel said. The chip giant has updated the Analyzing Potential Bounds Check Bypass Vulnerabilities whitepaper with information about NetSpectre.

If a real-world attack in the current form is unlikely, and the existing mitigations are effective, it’s easy to dismiss the latest research as an academic exercise. The reality is the opposite: the research is valuable because it identifies the different pathways and subcomponents in the chip architecture that may potentially leak information. Researchers have been digging into modern processor chip design over the past few years, and the initial Spectre research proved that just because the data is isolated on the processor doesn’t mean the data is safe.

Increased scrutiny on the processor means more attacks being discovered. Researchers looking at this area means they will understand the dangers better and be able to tell when technology advances to the point that current technical limitations are removed. The insights from this kind of research will eventually feed into better chip design and application development.

Spectre was “an acknowledgement that CPU architectural side-channels are real threats,” Joe FitzPatrick, a hardware security researcher and trainer, said earlier this year.

NetSpectre is “an expected evolution of the bug class," Davidov said.