Pete Finnigan's Oracle Security Weblog

I saw a mention of this paper on a list somewhere and made a note to have a look. This is a very interesting idea on how to hack cryptographic keys. The paper is titled "Cache missing for fun and profit" - by Colin Percival

"Abstract. Simultaneous multithreading — put simply, the shar-ing of the execution resources of a superscalar processor betweenmultiple execution threads — has recently become widespread viaits introduction (under the name “Hyper-Threading”) into IntelPentium 4 processors. In this implementation, for reasons of ef-ficiency and economy of processor area, the sharing of processorresources between threads extends beyond the execution units; ofparticular concern is that the threads share access to the memorycaches.We demonstrate that this shared access to memory caches pro-vides not only an easily used high bandwidth covert channel be-tween threads, but also permits a malicious thread (operating, intheory, with limited privileges) to monitor the execution of anotherthread, allowing in many cases for theft of cryptographic keys.Finally, we provide some suggestions to processor designers, op-erating system vendors, and the authors of cryptographic software,of how this attack could be mitigated or eliminated entirely."