Don't Mesh Around: Side-Channel Attacks and Mitigations on Mesh Interconnects

Authors: 

Miles Dai, MIT; Riccardo Paccagnella, University of Illinois at Urbana-Champaign; Miguel Gomez-Garcia, MIT; John McCalpin, Texas Advanced Computing Center; Mengjia Yan, MIT

Abstract: 

This paper studies microarchitectural side-channel attacks and mitigations on the on-chip mesh interconnect used in modern, server-class Intel processors. We find that, though difficult to exploit, the mesh interconnect can be abused by an adversary even when known attack vectors inside the cores and caches are closed. We then present novel, non-invasive mitigation mechanisms to interconnect side-channel attacks and offer insights to guide the design of future defenses.

Our analysis starts by thoroughly reverse engineering the mesh interconnect to reveal, for the first time, the precise conditions under which it is susceptible to contention. We show that an attacker can use these conditions to build a cross-core covert channel with a capacity of over 1.5 Mbps. We then demonstrate the feasibility of side-channel attacks that leak keys from vulnerable cryptographic implementations by monitoring mesh interconnect contention. Finally, we present an analytical model to quantify the vulnerability levels of different victim and attacker placements on the chip and use the results to design a software-only mitigation mechanism.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {281426,
author = {Miles Dai and Riccardo Paccagnella and Miguel Gomez-Garcia and John McCalpin and Mengjia Yan},
title = {Don{\textquoteright}t Mesh Around: {Side-Channel} Attacks and Mitigations on Mesh Interconnects},
booktitle = {31st USENIX Security Symposium (USENIX Security 22)},
year = {2022},
isbn = {978-1-939133-31-1},
address = {Boston, MA},
pages = {2857--2874},
url = {https://www.usenix.org/conference/usenixsecurity22/presentation/dai},
publisher = {USENIX Association},
month = aug,
}

Presentation Video