Academics Discover New CPU Side-Channel Attack Named BranchScope




A team of academics from four US universities have discovered a new side-channel attack that takes advantage of the speculative execution feature in modern processors to recover data from users' CPUs.


Speculative execution is the same CPU function exploited by the Meltdown and Spectre flaws disclosed at the start of the year, but the attack researchers found is different from previous flaws, as it attacks a new section of the speculative execution process.


Researchers named this new technique BranchScope because it attacks the "branch prediction" operation —which is the same part of a CPU speculative execution process that the Spectre variant 2 (CVE-2017-5715) vulnerability also targets.


To understand how modern CPUs use speculative execution and branch prediction, there's an explanation at the 00:35 mark in this Intel video below.



As the video explains, branch prediction is the phase when a CPU decides what operation to compute in advance, in its attempt to predict the outcome of a computer process, as part of the speculative execution optimization feature.

BranchScope is very similar to Spectre variant 2

The BranchScope technique allows attackers to make this decision instead of the CPU (similar to the "flag person" example from the video above).


This way, attackers can direct speculative execution in certain areas of the CPU memory and extract information that would have been previously inaccessible.


The entire BranchScope vulnerability is eerily identical to how Spectre variant 2 works. But while Spectre variant 2 targeted the Branch Target Buffer, a cache component for branch prediction operations, BranchScope attacks the "directional branch predictor," a process that decides what "speculative" operations to execute (aka what branches to take).

BranchScope sucessfully tested against Intel CPUs

Academics say that BranchScope is the first side-channel attack that targets "direction prediction" and that the technique can also be used to retrieve content stored inside SGX enclaves, secure areas of Intel CPUs, previously thought to be untouchable.


The research team also tested their technique in field tests and said they successfully retrieved data from three recent Intel x86_64
processors — Sandy Bridge, Haswell, and Skylake. The team said the attack can be launched from user space (no admin rights) and has an error rate of less than 1%.


Researchers also say that because this is a novel attack, there are no mitigations currently in place for BranchScope attacks. Spectre patches (meant to fix TBT-based attacks) are ineffective against BranchScope.


Patching BranchScope shouldn't be a problem, though, as researchers say that both software and hardware-level mitigations can be applied, both detailed in their work.


The research paper describing this new side-channel attack is entitled "BranchScope: A New Side-Channel Attack on Directional Branch Predictor," [1, 2] and will be presented tomorrow at the 23rd ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2018).


Besides Meltdown, Spectre, and now BranchScope, other side-channel attacks recently discovered include SgxSpectre, MeltdownPrime and SpectrePrime.