Schneier on Security

Clive Robinson • June 1, 2021 11:54 AM

@ Bruce, ALL,

From the article,

“Besides, there are already a million side channels you can use for cooperative cross-process communication (e.g. cache stuff), on every system. Covert channels can’t leak data from uncooperative apps or systems.

Actually, that one’s worth repeating: Covert channels are completely useless unless your system is already compromised.”

Is one of those ambiguous things. That is “Side Channels”[1] and “Covert Channels”[2] are not just related there is cross over because they have common theoretical foundations.

As for “already compromised” this is a hindsight view point. Both Covert and Side channels exist as a function of communications, they are unavoidable and whilst they can be mitigated, not perfectly so. All you can realy do is reduce the energy and bandwidth of a channel and clock the data such that timing attacks become difficult at best.

This attack in the M1 CPU falls in the “cross over” as most “low down the computing stack” potential attack vectors do. And as with all such channels, we tend to over estimate the difficulty of exploiting them, untill somebody does so and goes public with a proof of concept or an exploit they have found in use by others.

The real question people should ask is “What did Apple do to the ARM design that made this channel available?” Then they should look carefully around it, for other channels, because “Where there is one roach there is usually a family of roaches”.

[1] Side channels are usually considered to be artifacts of the system hardware, but they can also be artifacts of RTL, Microcode, and the general architecture and some such as RowHammer can be artifacts of layers below the logic gate level. Some such ad those to do with power subsystems within a chip do not need any co-operation to get “off chip” (PSU noise modulating WiFi or similar envelope). Others might require external signals to be injected and carry data out via cross modulation of the illumination signal. As you work your way up the computing stack, you eventually reach the CPU level, which is where “software security” starts and traditional malware compromise becomes possible. However there are “reach around” attacks, where user level software whilst staying well within the bounds of software security can inject signals at a lower level, RowHammer being just one of several. For instance the AES cache timing attack worked quite happily across not just a LAN but also across a WAN. Likewise the detecting of CPU XTAL clock drift due to power factors via TCP Time Stamps worked across the Internet.

[2] Covert Channels originated from the work of Butler Lampson and became public way back in 1973. Originally defined as Shannon channels that existed that were “not intended for information transfer at all, such as the service program’s effect on system load”. Obviously such Shannon Channels are an integral side effect of any active,

1, Communications
2, Storage
3, Processing

Of information, much as we would expect of “inefficiency” in any “work” process releases energy.

A further qualification to distinguish Covert Channels from legitimate channels, was that their ability to communicate are not subject to the access controls available by the system security processes. Now into six decades later the term has been subject to further changes.

[3] Subliminal Channels are a subset of Covert Channels[2] They were found by Gustavus Simmons just over a decade later than covert channels in mathmatical crypto systems such as digital signitures in 1984. He realised that not only can subliminal channels can exist but that they can be used to communicate secretly in normal looking communication over an other Shannon Channel.

[4] The Shannon Channel arises from work by Claude Shannon back before 1948 into what is often called the noisy-channel coding theorem or Shannon’s limit theorm which forms one of the fundemental axioms of information theory and communications science and engineering. Whilst based in part on earlier work and ideas of Harry Nyquist and Ralph Hartley, it provided a significant step forward. Shannon came up with an idealised communications channel that provides a fundemental model for communications in a medium susceptible to Additive White Gaussian Noise (AWGN) in amplitude, phase, frequency, sequency etc, with a data source encoding transmitter at one end of the medium and decoding receiver at the data sink end of the medium. Like the other channels described here it hase been augmented in various ways over the years, but still remains a fundemental building block.