Quicker RSA key theft through branch prediction

Cryptologists have developed an improved method for user processes to spy on a secret RSA key from another higher privileged process. The approach was first articulated by Colin Percival from FreeBSD in mid 2005. He demonstrated that spy processes could garner information about operations currently running in other processes based on the timing of memory accesses. Minimal timing differences are enough to determine parts of the RSA keys for an OpenSSL encryption operation using what is known as a side channel attack. Such an attack only requires the observation of a single RSA private key operation.

The researchers report that the improved method allows for spy processes running parallel to one another to spy on all secret bits during a single RSA signing execution. The attack, known as Simple Branch Prediction Analysis (SBPA), observes the branch prediction of modern processors whilst attempting to determine the key from the timing differences. The report's authors, Onur Aciicmez, Cetin Kaya Koc and Jean-Pierre Seifert depict a concrete attack on OpenSSL on a Pentium 4 processor, albeit using a key that would be considered quite short by today's standards (512 bit).

They claim that the demonstration proves that protective measures like memory protection, sandboxing and virtualisation cannot protect against side channel attacks. The recommended masking techniques to protect against such attacks are completely useless, they feel. Bruce Schneier, writing about the new technique in his blog, notes that the security of applications using Digital Rights Management (DRM) could be threatened by such techniques.

Reference:

• On the Power of Simple Branch Prediction Analysis, Paper (PDF) by Onur Aciicmez, Cetin Kaya Koc and Jean-Pierre Seifert

(ehe)