Thermal Covert Channels on Multi-core Platforms

TL;DR

This paper reveals that thermal side channels can bypass strong resource partitioning on multi-core platforms, enabling covert communication and process detection despite existing isolation techniques.

Contribution

It demonstrates for the first time that thermal channels can be exploited for covert communication and side-channel attacks on multi-core systems with strong isolation.

Findings

Thermal covert channels can transmit data at up to 12.5 bps.

Thermal side channels can detect processes on neighboring cores.

Strong spatial and temporal partitioning does not prevent thermal side-channel attacks.

Abstract

Side channels remain a challenge to information flow control and security in modern computing platforms. Resource partitioning techniques that minimise the number of shared resources among processes are often used to address this challenge. In this work, we focus on multi-core platforms and we demonstrate that even seemingly strong isolation techniques based on dedicated cores and memory can be circumvented through the use of thermal side channels. Specifically, we show that the processor core temperature can be used both as a side channel as well as a covert communication channel even when the system implements strong spatial and temporal partitioning. Our experiments on an x86-based platform demonstrate covert thermal channels that achieve up to 12.5 bps and a weak side channel that can detect processes executed on neighbouring cores. This work therefore shows a limitation in the isolation that can be achieved on existing multi-core systems.