Hello from the Other Side: SSH over Robust Cache Covert ... Conf... · March 30th, 2017 1. About...
Transcript of Hello from the Other Side: SSH over Robust Cache Covert ... Conf... · March 30th, 2017 1. About...
Hello from the Other Side:SSH over Robust Cache Covert Channels in the Cloud
Michael Schwarz and Manuel WeberMarch 30th, 2017
1
About this presentation
This talks shows how caches allow to circumvent the isolation of virtualmachines
• It is not about software bugs• The attack vector is due to hardware design• We demonstrate a robust covert channel on the Amazon cloud• And we have a really cool live demo at the end
2
Take aways
Take aways
• Cache-based covert channels are practical and a real threat• Virtual machines are not a perfect isolation mechanism• There is no known countermeasure for what we present
3
Introduction
Whoami
• Manuel Weber• PhD Student, Graz University of Technology• Interested in IoT, networks and security• @WeberOnNetworks
4
Whoami
• Michael Schwarz• PhD Student, Graz University of Technology• Likes to break stuff• @misc0110
5
And the team
The research team• Clémentine Maurice• Lukas Giner• Daniel Gruss• Carlo Alberto Boano• Kay Römer• Stefan Mangard
from Graz University of Technology
6
Covert channel
What is a covert channel?
• Two programs would like to communicate
but are not allowed to do so• either because there is no communication channel...• ...or the channels are monitored and programs are stopped on communicationattempts
• Use side channels and stay stealthy
7
Covert channel
What is a covert channel?
• Two programs would like to communicate but are not allowed to do so
• either because there is no communication channel...• ...or the channels are monitored and programs are stopped on communicationattempts
• Use side channels and stay stealthy
7
Covert channel
What is a covert channel?
• Two programs would like to communicate but are not allowed to do so• either because there is no communication channel...
• ...or the channels are monitored and programs are stopped on communicationattempts
• Use side channels and stay stealthy
7
Covert channel
What is a covert channel?
• Two programs would like to communicate but are not allowed to do so• either because there is no communication channel...• ...or the channels are monitored and programs are stopped on communicationattempts
• Use side channels and stay stealthy
7
Covert channel
What is a covert channel?
• Two programs would like to communicate but are not allowed to do so• either because there is no communication channel...• ...or the channels are monitored and programs are stopped on communicationattempts
• Use side channels and stay stealthy
7
Covert channel
8
Covert channel
8
Challenges
Cross-VM side channel
9
Challenges
Cross-VM side channel
Communication channel
9
Challenges
Cross-VM side channel
Communication channel
Synchronization
9
Challenges
Cross-VM side channel
Communication channel
Synchronization
Errorcorrection
9
Challenges
Cross-VM side channel
Communication channel
Synchronization
Errorcorrection
SSH
9
CPU Caches
Motivation
• Main memory is slow compared to the CPU
• Caches buffer frequently used data• Every data access goes through the cache• Caches are transparent to the OS and the software
10
Motivation
• Main memory is slow compared to the CPU• Caches buffer frequently used data
• Every data access goes through the cache• Caches are transparent to the OS and the software
10
Motivation
• Main memory is slow compared to the CPU• Caches buffer frequently used data• Every data access goes through the cache
• Caches are transparent to the OS and the software
10
Motivation
• Main memory is slow compared to the CPU• Caches buffer frequently used data• Every data access goes through the cache• Caches are transparent to the OS and the software
10
Memory access time
11
Memory access time
11
Cache hierarchy
Core 0
L1
L2
Core 1
L1
L2
Core 2
L1
L2
Core 3
L1
L2 ring bus
LLCslice 0
LLCslice 1
LLCslice 2
LLCslice 3
• L1 and L2 are private• Last-level cache is
• divided into slices• shared across cores• inclusive
12
Set-associative Last-level Cache
Memory Address
Cache
6 bits11 bits
2048 cache sets
• Location in cache depends on the physical address of data
13
Set-associative Last-level Cache
Memory Address
Cache
6 bits11 bits
Cache Set
2048 cache sets
• Location in cache depends on the physical address of data
• Bits 6 to 16 determine the cache set
13
Set-associative Last-level Cache
Memory Address
Cache
Way 0 Way 1 ... Way n
6 bits11 bits
Cache Set
2048 cache sets
• Location in cache depends on the physical address of data
• Bits 6 to 16 determine the cache set
• A cache set has multiple ways to store the data
13
Set-associative Last-level Cache
Memory Address
Cache
Way 0 Way 1 ... Way n
6 bits11 bits
Cache Set
2048 cache sets
Cache Line
• Location in cache depends on the physical address of data
• Bits 6 to 16 determine the cache set
• A cache set has multiple ways to store the data
• A way inside a cache set is a cache line, determined by the cache replacement policy
13
Prime+Probe
Prime+Probe
Prime+Probe...
• exploits the timing difference when accessing...• cached data (fast)• uncached data (slow)
• is applied to one cache set• works across CPU cores as the last-level cache is shared
14
Prime+Probe
Prime+Probe...
• exploits the timing difference when accessing...
• cached data (fast)• uncached data (slow)
• is applied to one cache set• works across CPU cores as the last-level cache is shared
14
Prime+Probe
Prime+Probe...
• exploits the timing difference when accessing...• cached data (fast)
• uncached data (slow)• is applied to one cache set• works across CPU cores as the last-level cache is shared
14
Prime+Probe
Prime+Probe...
• exploits the timing difference when accessing...• cached data (fast)• uncached data (slow)
• is applied to one cache set• works across CPU cores as the last-level cache is shared
14
Prime+Probe
Prime+Probe...
• exploits the timing difference when accessing...• cached data (fast)• uncached data (slow)
• is applied to one cache set
• works across CPU cores as the last-level cache is shared
14
Prime+Probe
Prime+Probe...
• exploits the timing difference when accessing...• cached data (fast)• uncached data (slow)
• is applied to one cache set• works across CPU cores as the last-level cache is shared
14
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndata
loads data
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndata
loads data
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndata
loads data
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndata
loads data
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndata
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndataStep 2: Receiver probes data to determine if the set was accessed
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndataStep 2: Receiver probes data to determine if the set was accessed
fast access
15
Prime+Probe
Receiveraddress space Cache Sender
address space
Step0: Receiver fills the cache (prime)Step 1: Sender evicts cache lines by accessing owndataStep 2: Receiver probes data to determine if the set was accessed
slow access
15
Building a robust covert channel
The goal
We want to build a covert channel which...
• works across virtual machines• runs on the Amazon cloud• is fast (i.e., multiple kB/s)• is free of transmission errors• is robust against system noise
16
The goal
We want to build a covert channel which...
• works across virtual machines
• runs on the Amazon cloud• is fast (i.e., multiple kB/s)• is free of transmission errors• is robust against system noise
16
The goal
We want to build a covert channel which...
• works across virtual machines• runs on the Amazon cloud
• is fast (i.e., multiple kB/s)• is free of transmission errors• is robust against system noise
16
The goal
We want to build a covert channel which...
• works across virtual machines• runs on the Amazon cloud• is fast (i.e., multiple kB/s)
• is free of transmission errors• is robust against system noise
16
The goal
We want to build a covert channel which...
• works across virtual machines• runs on the Amazon cloud• is fast (i.e., multiple kB/s)• is free of transmission errors
• is robust against system noise
16
The goal
We want to build a covert channel which...
• works across virtual machines• runs on the Amazon cloud• is fast (i.e., multiple kB/s)• is free of transmission errors• is robust against system noise
16
Challenges
Cross-VM side channel
Communication channel
Synchronization
Errorcorrection
SSH
17
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched• We want to exploit the hardware• Memory is shared between all virtual machines
• DRAM→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)• Cache→ this talk!
18
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched
• We want to exploit the hardware• Memory is shared between all virtual machines
• DRAM→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)• Cache→ this talk!
18
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched• We want to exploit the hardware
• Memory is shared between all virtual machines• DRAM→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)• Cache→ this talk!
18
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched• We want to exploit the hardware• Memory is shared between all virtual machines
• DRAM→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)• Cache→ this talk!
18
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched• We want to exploit the hardware• Memory is shared between all virtual machines
• DRAM
→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)• Cache→ this talk!
18
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched• We want to exploit the hardware• Memory is shared between all virtual machines
• DRAM→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)
• Cache→ this talk!
18
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched• We want to exploit the hardware• Memory is shared between all virtual machines
• DRAM→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)• Cache
→ this talk!
18
Cross-VM side channel
We require a side channel which works across virtual machines
• We do not want to rely on software bugs, they can be patched• We want to exploit the hardware• Memory is shared between all virtual machines
• DRAM→ covert channel (Schwarz and Fogh 2016, BlackHat Europe)• Cache→ this talk!
18
Cross-VM side channel
We can use Prime+Probe for the side channel
• Prime+Probe works with the last-level cache
• The last-level cache is shared among all CPU cores• No requirement for any form of shared memory• We just need to build eviction sets and negotiate the used cache sets
19
Cross-VM side channel
We can use Prime+Probe for the side channel
• Prime+Probe works with the last-level cache• The last-level cache is shared among all CPU cores
• No requirement for any form of shared memory• We just need to build eviction sets and negotiate the used cache sets
19
Cross-VM side channel
We can use Prime+Probe for the side channel
• Prime+Probe works with the last-level cache• The last-level cache is shared among all CPU cores• No requirement for any form of shared memory
• We just need to build eviction sets and negotiate the used cache sets
19
Cross-VM side channel
We can use Prime+Probe for the side channel
• Prime+Probe works with the last-level cache• The last-level cache is shared among all CPU cores• No requirement for any form of shared memory• We just need to build eviction sets and negotiate the used cache sets
19
Cross-VM side channel
• We need a set of addresses in the same cache set and same slice
• Problem: slice number depends on all bits of the physical address
physical address
cache tagcache setindex
cache lineoffset
2MB page offset
xxxx
• We can build a set of addresses in the same cache set and same slice...
• ...without knowing which slice• And then remove the addresses of the wrong slices afterwards
20
Cross-VM side channel
• We need a set of addresses in the same cache set and same slice• Problem: slice number depends on all bits of the physical address
physical address
cache tagcache setindex
cache lineoffset
2MB page offset
xxxx
• We can build a set of addresses in the same cache set and same slice...• ...without knowing which slice
• And then remove the addresses of the wrong slices afterwards
20
Cross-VM side channel
• We need a set of addresses in the same cache set and same slice• Problem: slice number depends on all bits of the physical address
physical address
cache tagcache setindex
cache lineoffset
2MB page offset
xxxx
• We can build a set of addresses in the same cache set and same slice...
• ...without knowing which slice• And then remove the addresses of the wrong slices afterwards
20
Cross-VM side channel
• We need a set of addresses in the same cache set and same slice• Problem: slice number depends on all bits of the physical address
physical address
cache tagcache setindex
cache lineoffset
2MB page offset
xxxx
• We can build a set of addresses in the same cache set and same slice...• ...without knowing which slice
• And then remove the addresses of the wrong slices afterwards
20
Cross-VM side channel
• We need a set of addresses in the same cache set and same slice• Problem: slice number depends on all bits of the physical address
physical address
cache tagcache setindex
cache lineoffset
2MB page offset
xxxx
• We can build a set of addresses in the same cache set and same slice...• ...without knowing which slice• And then remove the addresses of the wrong slices afterwards
20
Cross-VM side channel
• We need a set of addresses in the same cache set and same slice• Problem: slice number depends on all bits of the physical address
physical address
cache tagcache setindex
cache lineoffset
2MB page offset
xxxx
• We can build a set of addresses in the same cache set and same slice...• ...without knowing which slice• And then remove the addresses of the wrong slices afterwards
20
Challenges
Cross-VM side channelPrime+Probe
Communication channel
Synchronization
Errorcorrection
SSH
21
Challenges
Cross-VM side channelPrime+Probe
Communication channel
Synchronization
Errorcorrection
SSH
21
Communication Channel
• For a communication, we have to agree on communication channels
• We have to negotiate them dynamically• There is always noise on all cache sets
(a) Quiet system (b)Watching an 1080p video
22
Communication Channel
• For a communication, we have to agree on communication channels• We have to negotiate them dynamically
• There is always noise on all cache sets
(a) Quiet system (b)Watching an 1080p video
22
Communication Channel
• For a communication, we have to agree on communication channels• We have to negotiate them dynamically• There is always noise on all cache sets
(a) Quiet system (b)Watching an 1080p video22
Communication Channel
Quite similar to a wireless communication channel
-100
-80
-60
-40
-20
0
0 2500 5000 7500
RSS
I [dB
m]
Time [µs]
(a) Bluetooth
-100
-80
-60
-40
-20
0
0 20000 40000 60000
RSS
I [dB
m]
Time [µs]
(b) Microwave
-100
-80
-60
-40
-20
0
0 500 1000 1500 2000
RSS
I [dB
m]
Time [µs]
(c)WiFi
Figure 2: Noise in wireless channels (Boano et al. 2012)
23
Jamming Agreement
• Idea: »He who shouts loudest will be heard«
• One party generates a lot of “noise” on the channel• The other party monitors the channels• Correct channel if the noise level never falls below a certain value
24
Jamming Agreement
• Idea: »He who shouts loudest will be heard«• One party generates a lot of “noise” on the channel
• The other party monitors the channels• Correct channel if the noise level never falls below a certain value
24
Jamming Agreement
• Idea: »He who shouts loudest will be heard«• One party generates a lot of “noise” on the channel• The other party monitors the channels
• Correct channel if the noise level never falls below a certain value
24
Jamming Agreement
• Idea: »He who shouts loudest will be heard«• One party generates a lot of “noise” on the channel• The other party monitors the channels• Correct channel if the noise level never falls below a certain value
24
Jamming Agreement
-100
-80
-60
-40
-20
0
0 5000 10000 15000
RSS
I [dB
m]
Time [µs]
Jamming sequence of 13 ms(absence of interference)
(a) No interference
-100
-80
-60
-40
-20
0
0 5000 10000 15000
RSS
I [dB
m]
Time [µs]
Jamming sequence of 13 ms(presence of Wi-Fi interference)
(b)WiFi interference
Figure 3: Jamming agreement in wireless channels (Boano et al. 2012) 25
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
prime
#2
#3
#4
Cache Sets
S S S S S S S S
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
S S S S S S S S
R R R R R R R R
ReceiverEviction Sets
prime
26
Jamming Agreement
SenderEviction Sets
#1
probe
#2
#3
#4
Cache Sets
S S S S S S S S
R R R R R R R R
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
S S S S S S S S
R R R R R R R R
ReceiverEviction Sets
probe
26
Jamming Agreement
SenderEviction Sets
#1
prime
#2
#3
#4
Cache Sets
S S S S S S S S
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
S S S S S S S S
R R R R R R R R
ReceiverEviction Sets
prime
26
Jamming Agreement
SenderEviction Sets
#1
probe
#2
#3
#4
Cache Sets
S S S S S S S S
R R R R R R R R
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
S S S S S S S S
R R R R R R R R
ReceiverEviction Sets
probe
26
Jamming Agreement
SenderEviction Sets
#1
prime
#2
#3
#4
Cache Sets
S S S S S S S S
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
R R R R R R R R
S S S S S S S S
ReceiverEviction Sets
prime
26
Jamming Agreement
SenderEviction Sets
#1
probe
#2
#3
#4
Cache Sets
R R R R R R R R
S S S S S S S S
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
R R R R R R R R
S S S S S S S S
ReceiverEviction Sets
probe
26
Jamming Agreement
SenderEviction Sets
#1
prime
#2
#3
#4
Cache Sets
S S S S S S S S
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
R R R R R R R R
ReceiverEviction Sets
prime
26
Jamming Agreement
SenderEviction Sets
#1
probe
#2
#3
#4
Cache Sets
S S S S S S S S
ReceiverEviction Sets
26
Jamming Agreement
SenderEviction Sets
#1
#2
#3
#4
Cache Sets
R R R R R R R R
ReceiverEviction Sets
#1probe
26
Jamming Agreement
SenderEviction Sets
#1 X
#2
#3
#4
Cache Sets
ReceiverEviction Sets
#1
26
Jamming Agreement
SenderEviction Sets
#1 X
#2
#3
#4
Cache Sets
ReceiverEviction Sets
#1
Achievement unlockedFinding each other in the cloud
26
Jamming Agreement
SenderEviction Sets
#1 X
#2
#3
#4
repeat!
ReceiverEviction Sets
#1
26
Jamming Agreement
SenderEviction Sets
#1 X
#2 X
#3
#4
repeat!
ReceiverEviction Sets
#2
#1
26
Jamming Agreement
SenderEviction Sets
#1 X
#2 X
#3 X
#4
repeat!
ReceiverEviction Sets
#3
#2
#1
26
Jamming Agreement
SenderEviction Sets
#1 X
#2 X
#3 X
#4 X
repeat!
ReceiverEviction Sets
#4
#3
#2
#1
26
Jamming Agreement
SenderEviction Sets
#1 X
#2 X
#3 X
#4 X
repeat!
ReceiverEviction Sets
#4
#3
#2
#1
Achievement unlockedAgreed on common channels
26
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
27
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
evict
evict
evict
evict
evict
evict
evict
evict
27
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
01001000
27
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
01001000
evict
evict
27
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
01001000
measure
measure
measure
measure
measure
measure
measure
measure
01001000
27
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
00101001
27
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
00101001
evict
evict
evict
27
Sending Data
Last-level cache
Cache Set #1
Cache Set #2
Cache Set #3
Cache Set #4
Cache Set #5
Cache Set #6
Cache Set #7
Cache Set #8
Sender Receiver
00101001
measure
measure
measure
measure
measure
measure
measure
measure
00101001
27
Why don’t we just take the file...
28
...and put it into the channel?
29
Sending the first image
Achievement unlockedFirst transmission
30
Sending the first image
Achievement unlockedFirst transmission
30
Sending the first image
31
Sending the first image
32
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
Synchronization
Errorcorrection
SSH
33
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
Synchronization
Errorcorrection
SSH
33
Synchronization
What we see are mostly synchronization errors
1 0 0 1 1 0Sender
1 0 0 1 1 0Receiver
Normal transmission
34
Synchronization
What we see are mostly synchronization errors
1 0 0 1 1 0Sender
1 0 0Receiver
Deletion errors due to receiver not scheduled
34
Synchronization
What we see are mostly synchronization errors
1 0 0 1 1 0Sender
1 0 0 0 0 0 1 1 0Receiver
Insertion errors due to sender not scheduled
34
Synchronization
Only sometimes substitution errors which can be corrected
1 0 0 1 1 0Sender
1 1 0 1 1 0Receiver
Substitution errors due to unrelated noise
34
Synchronization
To cope with deletion errors, we use a request-to-send scheme.
• Transmission uses packets
DataPhysical layer word
12 bits
SQN
3 bits
• Receiver acknowledges by requesting the next sequence number
35
Synchronization
To cope with deletion errors, we use a request-to-send scheme.
• Transmission uses packets
DataPhysical layer word
12 bits
SQN
3 bits
• Receiver acknowledges by requesting the next sequence number
35
Synchronization
To cope with deletion errors, we use a request-to-send scheme.
• Transmission uses packets with 3-bit sequence numbers
DataPhysical layer word
12 bits
SQN
3 bits
• Receiver acknowledges by requesting the next sequence number
35
Synchronization
To cope with deletion errors, we use a request-to-send scheme.
• Transmission uses packets with 3-bit sequence numbers
DataPhysical layer word
12 bits
SQN
3 bits
• Receiver acknowledges by requesting the next sequence number
35
Synchronization
Important observation: insertion errors are almost always ‘0’s.
• Detecting additional ‘0’s detects (many) insertion errors• We need an error detection code
DataPhysical layer word
12 bits
SQN
3 bits
EDC
4 bits
• Count the number of ‘0’s in a word• Side effect: there is no ‘0’-word anymore
Achievement unlockedDetect Interrupts
36
Synchronization
Important observation: insertion errors are almost always ‘0’s.
• Detecting additional ‘0’s detects (many) insertion errors
• We need an error detection code
DataPhysical layer word
12 bits
SQN
3 bits
EDC
4 bits
• Count the number of ‘0’s in a word
• Side effect: there is no ‘0’-word anymore
Achievement unlockedDetect Interrupts
36
Synchronization
Important observation: insertion errors are almost always ‘0’s.
• Detecting additional ‘0’s detects (many) insertion errors• We need an error detection code
DataPhysical layer word
12 bits
SQN
3 bits
EDC
4 bits
• Count the number of ‘0’s in a word• Side effect: there is no ‘0’-word anymore
Achievement unlockedDetect Interrupts
36
Synchronization
Important observation: insertion errors are almost always ‘0’s.
• Detecting additional ‘0’s detects (many) insertion errors• We need an error detection code → Berger codes
DataPhysical layer word
12 bits
SQN
3 bits
EDC
4 bits
• Count the number of ‘0’s in a word• Side effect: there is no ‘0’-word anymore
Achievement unlockedDetect Interrupts
36
Synchronization
Important observation: insertion errors are almost always ‘0’s.
• Detecting additional ‘0’s detects (many) insertion errors• We need an error detection code → Berger codes
DataPhysical layer word
12 bits
SQN
3 bits
EDC
4 bits
• Count the number of ‘0’s in a word
• Side effect: there is no ‘0’-word anymore
Achievement unlockedDetect Interrupts
36
Synchronization
Important observation: insertion errors are almost always ‘0’s.
• Detecting additional ‘0’s detects (many) insertion errors• We need an error detection code → Berger codes
DataPhysical layer word
12 bits
SQN
3 bits
EDC
4 bits
• Count the number of ‘0’s in a word• Side effect: there is no ‘0’-word anymore
Achievement unlockedDetect Interrupts
36
Synchronization
Important observation: insertion errors are almost always ‘0’s.
• Detecting additional ‘0’s detects (many) insertion errors• We need an error detection code → Berger codes
DataPhysical layer word
12 bits
SQN
3 bits
EDC
4 bits
• Count the number of ‘0’s in a word• Side effect: there is no ‘0’-word anymore
Achievement unlockedDetect Interrupts
36
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission
Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
SEQ = 2
Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
SEQ = 2
[DATA] SEQ = 2
Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
SEQ = 2
[DATA] SEQ = 2
[DATA] SEQ = 2
Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
SEQ = 2
[DATA] SEQ = 2
[DATA] SEQ = 2
SEQ = 3Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
SEQ = 2
[DATA] SEQ = 2
[DATA] SEQ = 2
SEQ = 3
SEQ = 3
Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
SEQ = 2
[DATA] SEQ = 2
[DATA] SEQ = 2
SEQ = 3
SEQ = 3
[DATA] SEQ = 3...
Senderdescheduled
Receiverdescheduled
37
Synchronization
Sender ReceiverSEQ = 1 Initiate
transmission[DATA] SEQ = 1
SEQ = 2
[DATA] SEQ = 2
[DATA] SEQ = 2
SEQ = 3
SEQ = 3
[DATA] SEQ = 3...
Senderdescheduled
Receiverdescheduled
Achievement unlockedSynchronized parties
37
Without synchronization
38
Synchronization
39
Synchronization
39
Synchronization
39
Synchronization
39
Synchronization
C S I : C a c h eCovertly Sending Information
39
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
SynchronizationEDC
Errorcorrection
SSH
40
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
SynchronizationEDC
Errorcorrection
SSH
40
Error correction
• Substitution errors can be corrected using forward error correction
• We use wide-spread Reed-Solomon codes• Packets made of symbols
• Symbol size: 12 bits (“RS-word”)• Packet size: 4095 symbols (= 2symbol − 1)
• Packet consists of actual message and error correction symbols
41
Error correction
• Substitution errors can be corrected using forward error correction• We use wide-spread Reed-Solomon codes
• Packets made of symbols• Symbol size: 12 bits (“RS-word”)• Packet size: 4095 symbols (= 2symbol − 1)
• Packet consists of actual message and error correction symbols
41
Error correction
• Substitution errors can be corrected using forward error correction• We use wide-spread Reed-Solomon codes• Packets made of symbols
• Symbol size: 12 bits (“RS-word”)• Packet size: 4095 symbols (= 2symbol − 1)
• Packet consists of actual message and error correction symbols
41
Error correction
• Substitution errors can be corrected using forward error correction• We use wide-spread Reed-Solomon codes• Packets made of symbols
• Symbol size: 12 bits (“RS-word”)
• Packet size: 4095 symbols (= 2symbol − 1)
• Packet consists of actual message and error correction symbols
41
Error correction
• Substitution errors can be corrected using forward error correction• We use wide-spread Reed-Solomon codes• Packets made of symbols
• Symbol size: 12 bits (“RS-word”)• Packet size: 4095 symbols (= 2symbol − 1)
• Packet consists of actual message and error correction symbols
41
Error correction
• Substitution errors can be corrected using forward error correction• We use wide-spread Reed-Solomon codes• Packets made of symbols
• Symbol size: 12 bits (“RS-word”)• Packet size: 4095 symbols (= 2symbol − 1)
• Packet consists of actual message and error correction symbols
41
Error correction
RS codes are a simple matrix multiplication
1 0 0 0
0 1 0 0
0 0 1 0
0 0 0 1
x00 x01 x02 x03
x10 x11 x12 x13
×
d0
d1
d2
d3
=
d0
d1
d2
d3
c0
c1
42
Error correction
RS codes are a simple matrix multiplication
1 0 0 0
0 1 0 0
0 0 1 0
0 0 0 1
x00 x01 x02 x03
x10 x11 x12 x13
×
d0
d1
d2
d3
=
d0
d1
d2
d3
c0
c1
42
Error correction
RS codes are a simple matrix multiplication
1 0 0 0
0 1 0 0
0 0 1 0
0 0 0 1
x00 x01 x02 x03
x10 x11 x12 x13
×
d0
d1
d2
d3
=
d0
d1
d2
d3
c0
c1
42
Error correction
43
Error correction
43
Error correction
43
Error correction
• Better safe than sorry: 10% error-correcting code
• 3686 data symbols and 409 error correction symbols
Data Parity
3686 RS-words 409 RS-words
Data SQN EDC
12 bits 3 bits 4 bits
Data-link layer packet
Physical layer word
Achievement unlockedGetting rid of noise
44
Error correction
• Better safe than sorry: 10% error-correcting code• 3686 data symbols and 409 error correction symbols
Data Parity
3686 RS-words 409 RS-words
Data SQN EDC
12 bits 3 bits 4 bits
Data-link layer packet
Physical layer word
Achievement unlockedGetting rid of noise
44
Error correction
• Better safe than sorry: 10% error-correcting code• 3686 data symbols and 409 error correction symbols
Data Parity
3686 RS-words 409 RS-words
Data SQN EDC
12 bits 3 bits 4 bits
Data-link layer packet
Physical layer word
Achievement unlockedGetting rid of noise
44
Error correction
Comparison of transmission speeds (in kbit/s)
Dial Up
ISDN
GPRS
Amazon EC2 covert channel
EDGE
Native covert channel
3G
56
128
144
362
384
600
1,433
56
45
Error correction
Comparison of transmission speeds (in kbit/s)
Dial Up
ISDN
GPRS
Amazon EC2 covert channel
EDGE
Native covert channel
3G
56
128
144
362
384
600
1,433
56
128
45
Error correction
Comparison of transmission speeds (in kbit/s)
Dial Up
ISDN
GPRS
Amazon EC2 covert channel
EDGE
Native covert channel
3G
56
128
144
362
384
600
1,433
56
128
144
45
Error correction
Comparison of transmission speeds (in kbit/s)
Dial Up
ISDN
GPRS
Amazon EC2 covert channel
EDGE
Native covert channel
3G
56
128
144
362
384
600
1,433
56
128
144
362
45
Error correction
Comparison of transmission speeds (in kbit/s)
Dial Up
ISDN
GPRS
Amazon EC2 covert channel
EDGE
Native covert channel
3G
56
128
144
362
384
600
1,433
56
128
144
362
384
45
Error correction
Comparison of transmission speeds (in kbit/s)
Dial Up
ISDN
GPRS
Amazon EC2 covert channel
EDGE
Native covert channel
3G
56
128
144
362
384
600
1,433
56
128
144
362
384
600
45
Error correction
Comparison of transmission speeds (in kbit/s)
Dial Up
ISDN
GPRS
Amazon EC2 covert channel
EDGE
Native covert channel
3G
56
128
144
362
384
600
1,433
56
128
144
362
384
600
1,433
45
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
SynchronizationEDC
Errorcorrection
RS-Codes
SSH
46
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
SynchronizationEDC
Errorcorrection
RS-Codes
SSH
46
SSH
• The covert channel is fast and error free
• We want it to be useful• A remote shell without network access would be really nice...
• Prerequisites: just TCP
47
SSH
• The covert channel is fast and error free• We want it to be useful
• A remote shell without network access would be really nice...
• Prerequisites: just TCP
47
SSH
• The covert channel is fast and error free• We want it to be useful• A remote shell without network access would be really nice...
• Prerequisites: just TCP
47
SSH
• The covert channel is fast and error free• We want it to be useful• A remote shell without network access would be really nice...
• Prerequisites: just TCP
47
SSH
• The covert channel is fast and error free• We want it to be useful• A remote shell without network access would be really nice...
• Prerequisites: just TCP
47
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1 VM 2
Achievement unlockedTCP over anything
48
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1
Covert Channel
Prime+Probe
VM 2
Covert Channel
Prime+Probe
Achievement unlockedTCP over anything
48
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1
Covert Channel
Prime+Probe
File System
VM 2
Covert Channel
Prime+Probe
File System
Achievement unlockedTCP over anything
48
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1
Covert Channel
Prime+Probe
TCP↔File
File System
VM 2
Covert Channel
Prime+Probe
TCP↔File
File System
Achievement unlockedTCP over anything
48
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1
Covert Channel
Prime+Probe
TCP↔File
File System
Socket
VM 2
Covert Channel
Prime+Probe
TCP↔File
File System
Socket
Achievement unlockedTCP over anything
48
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1
Covert Channel
Prime+Probe
TCP↔File
File System
TCP Client(e.g. ssh)
Socket
VM 2
Covert Channel
Prime+Probe
TCP↔File
File System
TCP Server(e.g. sshd)
Socket
Achievement unlockedTCP over anything
48
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1
Covert Channel
Prime+Probe
TCP↔File
File System
TCP Client(e.g. ssh)
Socket
VM 2
Covert Channel
Prime+Probe
TCP↔File
File System
TCP Server(e.g. sshd)
Socket
Achievement unlockedTCP over anything
48
SSH
TCP-over-Cache
Hypervisor
Last Level Cache (LLC)
VM 1
Covert Channel
Prime+Probe
TCP↔File
File System
TCP Client(e.g. ssh)
Socket
VM 2
Covert Channel
Prime+Probe
TCP↔File
File System
TCP Server(e.g. sshd)
SocketAchievement unlockedTCP over anything
48
SSH
SSH between two instances on Amazon EC2
Noise Connection
No noise 3
stress -m 8 on third VM 3
Web server on third VM 3
Web server on all VMs 3
stress -m 1 on server side unstable
Telnet also works with occasional corrupted bytes with stress -m 1
49
SSH
SSH between two instances on Amazon EC2
Noise Connection
No noise 3
stress -m 8 on third VM 3
Web server on third VM 3
Web server on all VMs 3
stress -m 1 on server side unstable
Telnet also works with occasional corrupted bytes with stress -m 1
49
SSH
SSH between two instances on Amazon EC2
Noise Connection
No noise 3
stress -m 8 on third VM 3
Web server on third VM 3
Web server on all VMs 3
stress -m 1 on server side unstable
Telnet also works with occasional corrupted bytes with stress -m 1
49
SSH
SSH between two instances on Amazon EC2
Noise Connection
No noise 3
stress -m 8 on third VM 3
Web server on third VM 3
Web server on all VMs 3
stress -m 1 on server side unstable
Telnet also works with occasional corrupted bytes with stress -m 1
49
SSH
SSH between two instances on Amazon EC2
Noise Connection
No noise 3
stress -m 8 on third VM 3
Web server on third VM 3
Web server on all VMs 3
stress -m 1 on server side unstable
Telnet also works with occasional corrupted bytes with stress -m 1
49
SSH
SSH between two instances on Amazon EC2
Noise Connection
No noise 3
stress -m 8 on third VM 3
Web server on third VM 3
Web server on all VMs 3
stress -m 1 on server side unstable
Telnet also works with occasional corrupted bytes with stress -m 1
49
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
SynchronizationEDC
Errorcorrection
RS-Codes
SSHTCP Proxy
50
Challenges
Cross-VM side channelPrime+Probe
Communication channel
JammingAgreement
SynchronizationEDC
Errorcorrection
RS-Codes
SSHTCP ProxyAchievement unlocked
Error-free covert channel
50
Conclusion
Black Hat Sound Bytes
Black Hat Sound Bytes.
• Cache covert channels are practical• We can get a noise-free and fast channel, even in the cloud• Noise does not protect against covert channels
51
Try it!
Is my cloud (provider) vulnerable?
https://github.com/IAIK/CJAG 52
Demo
LiveDEMO
53
What you just saw
We extended Amazon’s product portfolio
54
What you just saw
We extended Amazon’s product portfolio
54
What you just saw
We extended Amazon’s product portfolio
54
Hello from the Other Side:SSH over Robust Cache Covert Channels in the Cloud
Michael Schwarz and Manuel WeberMarch 30th, 2017
https://github.com/IAIK/CJAG
55
Bibliography I
References
Boano, Carlo Alberto et al. (2012). “Jag: Reliable and predictable wireless agreement underexternal radio interference”. In: IEEE 33rd Real-Time Systems Symposium (RTSS).
Schwarz, Michael and Anders Fogh (2016). “DRAMA: How your DRAM becomes a security problem”.In: Black Hat Europe 2016.
56