Look Both Ways and Watch Out for Side-Channels!

By Matthew E Hoekstra, Published: 05/19/2015, Last Updated: 05/19/2015

It has been a while again since I've posted, I've been busy with the day job.

Given some recent research results, I thought I would briefly discuss side-channels.  In case you don't fully understand what a side-channel is I heard a great analogy from my boss, Intel Vice President Sridhar Iyengar (pro-tip:  it never hurts to compliment your boss occasionally :)).

Brief Description of Side Channels

Suppose you were considering starting a drive-thru coffee stand in your neighborhood.  Before you embark upon this venture it would be good to know how much revenue is generated by other coffee stands in your area.  Now if I owned a potential rival coffee stand across town there are a number of good reasons why I may want to keep my daily/weekly/monthly revenue a secret.  So if you want to know what other coffee stands make, but you can't expect the owners of those businesses to tell you, how can you do it?

You could set up a chair across the street from one of these stands and sit and count how many cars come through during a given time period.  Then if you knew what an average drink costs at the stand, you can form a rough idea of how much revenue is coming in.  You can go further by looking closer at how many people are in the cars and what types of cars are driving through (more brand new BMW SUVs or 20 year old Toyota pickups) and you can get an even better idea of how much revenue is coming in.

So even though the coffee stand owner didn't tell you how much money came in, by watching what was happening around the coffee stand you can get a pretty close approximation.  These observations of vehicle traffic, occupants, and type are side-channels!

Possible Side Channels for revealing secrets

Technical side channels are often used to infer information about secrets on a platform.  Researchers have shown that taking electromagnetic measurements of certain types of computing elements can allow them to infer some information about the information being processed by a device.  Network traffic analysis is yet another way to gain insights into the information being processed by a program or a device.

Another commonly used technical side-channel is the observation of the memory access patterns made by a program.  Just today, researchers from the University of Texas Austin and Microsoft Research published a paper showing how they could use a memory side channel to infer information about the data processed by large blocks of unmodified code placed into a protected environment.  These are some of the same folks that showed how Intel® SGX can be used to protect cloud workloads and just yesterday how it can also be used to help protect data analytics.  But as the side-channel research shows software developers still need to be careful.

Call to action

Many current libraries for cryptography have already been developed with memory side-channels in mind.  They ensure that if an application is performing an encryption or decryption operation, other software observing the memory access behavior of the application cannot infer anything interesting about the contents of the data being encrypted/decrypted or the associated keys.  But as the recent research shows if one is trying to protect a picture or a document the same sort of attention that has historically been paid to crypto algorithms to avoid side-channels may also need to be considered when developing the software that is using the secret information.

Work is underway at Intel and elsewhere to create tools that make the detection and prevention of possible memory side-channels easier, but more contributions are always welcome.  It would be good for all software developers to know a little bit more about side-channels and how these may impact the information they are protecting.  History shows that when a person or even an organization attempts to create a complete top-to-bottom security solution alone, in secret, the results almost always lead difficult future faced with continually dealing with flaws as they are discovered.  Any security technologist in today's day and age needs to be prepared to rapidly respond to vulnerabilities as they are discovered, but life is much easier if few of these issues are discovered after a solution is released.

As I mentioned in this Intel Labs blog post, some of the best results are achieved when experts from many disciplines and organizations come together to create a secure solution.  So I hope that any developer with enough interest to read this post would spend some time learning more about software side-channels and maybe propose some innovative solutions that will benefit the worldwide information technology community.

Product and Performance Information


Intel's compilers may or may not optimize to the same degree for non-Intel microprocessors for optimizations that are not unique to Intel microprocessors. These optimizations include SSE2, SSE3, and SSSE3 instruction sets and other optimizations. Intel does not guarantee the availability, functionality, or effectiveness of any optimization on microprocessors not manufactured by Intel. Microprocessor-dependent optimizations in this product are intended for use with Intel microprocessors. Certain optimizations not specific to Intel microarchitecture are reserved for Intel microprocessors. Please refer to the applicable product User and Reference Guides for more information regarding the specific instruction sets covered by this notice.

Notice revision #20110804