Send email Copy Email Address

2021-12-08
Annabelle Theobald

Tool automatically detects information leaks

The software tool Osiris automatically searches for so-called side channels in microprocessors that unintentionally reveal information and thus enable attackers to steal data. The program to combat attacks such as Spectre or Meltdown was developed by Daniel Weber from Saarland, who works as a research assistant on the team of CISPA faculty member Dr. Michael Schwarz. The 25-year-old presented his paper "Osiris: Automated Discovery of Microarchitectural Side Channels" at the renowned IT conference USENIX. His idea also won 3rd place in the Applied Research Competition at the IT Security Conference CSAW.
Research articles

Guaranteeing the security of private data has always been a major challenge for IT security researchers. This grew even bigger when researchers discovered vulnerabilities in microprocessors (CPUs) a few years ago that make powerful attacks on computer chips possible. "Through so-called side channels, which unintentionally leak information such as the calculation times of tasks, attackers can draw conclusions about passwords, credit card numbers, and other sensitive data - even without having physical access to the computer," explains CISPA researcher Daniel Weber. Such information leaks open up within program sequences and are a consequence of the performance-optimized design of modern CPUs. Detecting possible side channels has been very time-consuming until now and requires deep knowledge of the microarchitecture of the respective computer.

"Osiris can make the work of CPU manufacturers and security researchers easier in the future when searching for side channels.  The tool automatically reveals ways in which information is involuntarily leaked from processes. Information leaks can be detected and closed more quickly with this knowledge," explains Daniel Weber. Together with his team and under the guidance of CISPA faculty Dr. Michael Schwarz and Prof. Dr. Christian Rossow, Weber was able to use the tool to reveal not only already known but also four previously unknown side channels in Intel and AMD processors. The researchers demonstrated the practical relevance of these side channels in three different attack scenarios.

To test where and when the problematic channels open up, Osiris automatically sends machine instructions to the CPU. "Depending on the microprocessor in question, this currently takes between three and four days per computer," Weber explains. Until now, IT security experts themselves had to spend days studying the CPU manufacturers' documentation on the possible commands to the CPU and manually test when problems arise. According to Weber, Osiris can be used immediately and requires no hardware adjustments.

Weber's idea was also well received at the CSAW IT conference, which claims to be "the most comprehensive student-organized cybersecurity event in the world. CSAW tries to bridge the gap between academia and industry." Accordingly, the "Applied Research Competition," one of several cybersecurity competitions in which security researchers compete at CSAW, also awards prizes only to ideas that can be practically implemented. "I am pleased that Osiris was well received by the jury."

translated by Oliver Schedler