We do often include affiliate links to earn us some pennies. See more here.

Say hello to PLATYPUS, the latest CPU security problem

By - | Views: 28,765

This kind of PLATYPUS is not a sweet and unusual mammal, this is a security problem recently announced that affects Intel across server, desktop and laptop CPUs. Along with a long list of other Intel issues that went public today (there's like 40 of them…), PLATYPUS is one that's gaining some attention and came with its own fancy website.

PLATYPUS (Power Leakage Attacks: Targeting Your Protected User Secrets) is a way to exploit the unprivileged access to the Intel RAPL (Running Average Power Limit) interface exposing the processor's power consumption to infer data and extract cryptographic keys. Physical access is not required the researchers say, so it's quite a concerning one.

You can check out these two videos they released to explain it a little:

YouTube Thumbnail
YouTube videos require cookies, you must accept their cookies to view. View cookie preferences.
Accept Cookies & Show   Direct Link
YouTube Thumbnail
YouTube videos require cookies, you must accept their cookies to view. View cookie preferences.
Accept Cookies & Show   Direct Link

Here's some more information from the website setup for PLATYPUS:

With classical power side-channel attacks, an attacker typically has physical access to a victim device. Using an oscilloscope, the attacker monitors the energy consumption of the device. With interfaces like Intel RAPL, physical access is not required anymore as the measurements can be accessed directly from software. Previous work already showed limited information leakage caused by the Intel RAPL interface. Mantel et al. showed that it is possible to distinguish if different cryptographic keys have been processed by the CPU. Paiva et al. established a covert channel by modulating the energy consumption of the DRAM.

Our research shows that the Intel RAPL interface can be exploited in way more threatening scenarios. We show that in addition to distinguishing different keys, it is possible to reconstruct entire cryptographic keys. We demonstrate this by recovering AES keys from the side-channel resilient AES-NI implementation, as well as RSA keys from an Intel SGX enclave. In addition, we distinguish different Hamming weights of operands or memory loads, threatening constant-time implementations of cryptographic algorithms. To mitigate PLATYPUS, the unprivileged access to the energy consumption has been revoked with an update to the operating system. With Intel SGX, however, a compromised operating system is within the threat model, rendering this mitigation insufficient. Therefore, Intel released microcode updates that change the way the energy consumption is reported if Intel SGX is enabled on the system. Instead of actual energy measurements, it falls back to a model-based approach, such that same instructions with different data or operands can not be distinguished.

Who is behind PLATYPUS? Various developers at Graz University of Technology, CISPA Helmholtz Center for Information Security and the University of Birmingham including: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella and Daniel Gruss.

Are you directly affected? Well it goes all the way back to Sandy Bridge (2011), so have a look at the list of what's affected which can be found here. Intel released microcode updates to affected processors and for Linux there's been security updates to help with it. As always, ensure you're up to date everywhere possible.

The research does mention that other vendors are affected too like AMD from the Zen architecture onwards, but it appears limited to AMD Rome CPUs. ARM and NVIDIA too are possible as they all have these features available but the main testing has been done against Intel for now.

You can read more about PLATYPUS here. See the full Intel Security page for the rest of them.

Article taken from GamingOnLinux.com.
23 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. Find me on Mastodon.
See more from me
The comments on this article are closed.
21 comments
Page: «2/3»
  Go to:

killyou Nov 11, 2020
Giving names to vulnerabilities annoys me to no end.
elmapul Nov 11, 2020
Quoting: GuestPlatypi are a myth, they have not be created yet.

i'm laughing and its not just a little bit.
Koopacabras Nov 11, 2020
I suppose if it is an academic research done by an University the standard measures apply and probably kernel devs already knew this for months and probably kernels are already patched. They usually make the devs aware of it before releasing the research on public.


Last edited by Koopacabras on 11 November 2020 at 3:23 am UTC
slaapliedje Nov 11, 2020
Quoting: killyouGiving names to vulnerabilities annoys me to no end.
Right? Who started the damn trend? It is like naming nasty features of nature!
Philadelphus Nov 11, 2020
Quoting: slaapliedjeSpeaking of drifting off-topic... I saw a video a while back that was all about some of the ridiculous creatures in Dungeons and Dragons throughout the years....

And now I want to see the specs for a Giant Platypus! I mean all other animals seem to have a 'Giant' version of them... Imagine riding one into battle?
Platypuses are like real-world Owlbears, except they're Duckbeavers.
Maweki Nov 11, 2020
What exactly are the INTEL guys doing for a living?
Nanobang Nov 11, 2020
View PC info
  • Supporter
Sounds like the wettest wet dream of every intelligence agency in the world. I mean, I'm a little hazy on the what it means to say that keys can be "recovered," but isn't the upshot of all this that unfriendly software can decrypt and use encryption keys to decrypt local information?


Last edited by Nanobang on 11 November 2020 at 12:27 pm UTC
wvstolzing Nov 11, 2020
Well, well, well...

You know who has a platypus mascot? The Darwin project, of course...

... and yesterday, Apple released their first arm-based line.
COINCIDENCE? I think not...
Cyril Nov 11, 2020
Quoting: Guest
Quoting: CyrilAh shit, here we go again...
But I don't see the Sandy Bridge CPU on that affected list.
It start with the 6th generation, am I wrong?

It starts with Sandy Bridge. But that generation had AES-NI instructions only for I5 or above.

https://en.wikipedia.org/wiki/AES_instruction_set

OK, thanks, still confusing I think, why not listing properly the affected CPU then?
slaapliedje Nov 11, 2020
Quoting: Philadelphus
Quoting: slaapliedjeSpeaking of drifting off-topic... I saw a video a while back that was all about some of the ridiculous creatures in Dungeons and Dragons throughout the years....

And now I want to see the specs for a Giant Platypus! I mean all other animals seem to have a 'Giant' version of them... Imagine riding one into battle?
Platypuses are like real-world Owlbears, except they're Duckbeavers.
Owlbears don't have bio luminescence though! The platypus really is a 'god was bored' creature.
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
The comments on this article are closed.