Researchers warned earlier this year that side-channel attacks, such as Spectre, wouldn't go away unless companies like Intel made serious changes to their CPU architectures. That doesn't mean these attacks can't be defended against, though, and an Intel-funded research group at the Georgia Institute of Technology has created a circuit that's much better at withstanding such attacks.
As reported by IEEE Spectrum this week, the college that would probably rather not be abbreviated to GIT has been working on this problem for a while. GIT School of Electrical and Computer Engineering professor Saibal Mukhopadhyay has led a team on this project since late 2015. That team published a paper on its efforts in 2017, released another one in November 2018 and then presented its work at the IEEE International Solid State Circuit Conference (ISSCC) in February.
“Any [encryption key] can eventually be broken if you have the computer work on it long enough, but the key is to make it take so long that it’s not worth it,” Mukhopadhyay told IEEE Spectrum. “Making it take 20 minutes instead of one minute, isn’t that exciting. But when you can get to several days or a week, it gets interesting.” That's exactly what the team's circuit is supposed to do: make breaking encryption keys take too long to be worth it.
IEEE Spectrum reported that Mukhopadhyay and team's circuit "uses an all-digital version of a traditionally analog low-dropout voltage regulator to power 128-bit encryption engines." Those engines then "injected noise into the chip's emissions and scrambled the timing of outputs." This is said to make sniffing the encryption key from the circuit take as much as 3,579 times as long as it would take to sniff it out from the circuits used today.
Intel reportedly funded the GITs' work and was a "close collaborator," frequently visiting the campus and letting students visit its offices. That investment makes sense--the company needs to find a way to mitigate the vulnerability of its chips to side-channel attacks without drastically impacting performance. We wouldn't be surprised if Intel is working with other research groups at other colleges to find additional solutions to the problem.
The problem is making sure any solutions work in the real world instead of the controlled environment of a research facility.
"You can lock a chip in a room and make sure no one comes near it, or you can add the noise of 1,000 redundant tasks and kill the battery in 15 minutes," Mukhopadhyay told IEEE Spectrum. "Both of those would keep it secure but they’re not realistic in the real world.” (Linux creator Linus Torvalds has made a similar point.)
Which means the best part of this circuit is that it's said to incur a performance overhead of just 10 percent. That might not seem great--most people would rather not have to worry about security measures impacting performance in their shiny new processors--but it's significantly better than previous side-channel attack mitigations. No wonder Intel's interested.
