Collide+Power: Discovery of a Side-Channel CPU Attack Method with Unprecedented Scope

Security researchers have unveiled a new side-channel attack method, named Collide+Power, that they claim could theoretically compromise nearly any modern central processing unit (CPU).

Some members of the team, which includes researchers from the Graz University of Technology in Austria and the CISPA Helmholtz Center for Information Security in Germany, were also part of previous investigations that discovered the notorious Spectre and Meltdown vulnerabilities.

Collide+Power is a software-based attack that can be used against devices powered by Intel, AMD or Arm processors, virtually covering the spectrum of contemporary systems. Notably, the attack can be leveraged against any application and data type. Although its rate of successful execution is high, the researchers highlight that its impracticality and slow leakage rate make it unlikely to become a prevalent threat any time soon.

Collide+Power isn't strictly a processor vulnerability, the researchers explain. Rather, it takes advantage of the fact that certain CPU components are designed to share data across different security domains. This allows attackers to merge their data with user application data. An unauthorized actor could use malware to launch the Collide+Power attack to obtain sensitive data, including encryption keys or passwords.

Collide+Power also has an intriguing side-effect: it enhances the signals of other side-channel attacks, such as PLATYPUS and Hertzbleed.

"Previous software-based power side-channels attacks like PLATYPUS and Hertzbleed target cryptographic implementations and require precise knowledge of the algorithm or victim program executed on the target machine," the researchers explained. "In contrast, Collide+Power targets the CPU memory subsystem, which abstracts the precise implementation away as all programs require the memory subsystem in some way. Furthermore, any signal reflecting the power consumption can be used due to the fundamental physical power leakage exploited by Collide+Power."

Despite these revelations, the real-world potential of the Collide+Power attack is limited by a slow data leakage rate. In one of their experiments, the researchers achieved a data leakage rate of 4.82 bits per hour.

This outcome was observed in a situation where an attacker could read the power consumption of the CPU directly via the Running Average Power Limit (RAPL) interface. However, even in this scenario, an attacker would need to run the attack for several hours to obtain a password and several days to extract an encryption key.

The researchers noted that, under exceptional circumstances, such as the key or password being present in a cache line multiple times, the data leakage rate could increase significantly, reaching up to 188 bits per hour. Despite this, a real-life attack simulation significantly reduced the data leakage rate. In fact, with throttling, it would take more than a year to extract a single bit of data. This experiment further highlights the current low practical risk posed by the Collide+Power attack method.

Despite its limitations, the discovery of the Collide+Power attack sets the stage for future research. In response to the findings, chip manufacturers have already begun issuing security advisories, and a specific vulnerability, registered as CVE-2023-20583, has been identified for AMD processors.