PortSmash Exploits Hyper-Threading to Steal Encrypted Data
Security researchers have discovered a secondary channel attack called PortSmash that affects Intel chips and could allow attackers to access encrypted data processed by a computer’s processor.
The new side channel vulnerability is based on Intel’s Hyper-Threading technology, which is the implementation of the Simultaneous MultiThreading (SMT) mode.
In addition, the researchers said they informed Intel of the vulnerability in early October, the day of the release of the proof-of-concept code on Github, to show how the attack on the Intel, Skylake and Kaby Lake architectures would work.
For PortSmash to work, the malicious code must be running on the same processor as the target computer. The Brumley team has not tested PortSmash on AMD processors, but it is expected to determine if the same type of attack on Ryzen processors can be launched in the future.
Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data