Security threat

News

An independent researcher has found a security flaw in Intel's Hyper-Threading Technology.

Colin Percival claims that Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a flaw that permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine.

The sharing of the execution resources of a superscalar processor between multiple execution threads has recently become widespread in Intel processors under the name Hyper-Threading. In this implementation, for reasons of efficiency and economy of processor area, the sharing of processor resources between threads extends beyond the execution units - the threads also share access to the memory caches.

Percival has demonstrated that this shared access to memory caches not only provides an easily used high bandwidth channel between threads, but also permits a malicious thread (operating, in theory, with limited privileges) to monitor the execution of another thread, allowing in many cases for theft of the cryptographic keys.

Register now to continue reading

Thanks for visiting The Engineer. You’ve now reached your monthly limit of news stories. Register for free to unlock unlimited access to all of our news coverage, as well as premium content including opinion, in-depth features and special reports.  

Benefits of registering

  • In-depth insights and coverage of key emerging trends

  • Unrestricted access to special reports throughout the year

  • Daily technology news delivered straight to your inbox

Register
Or continue by

Signing in with your registered email address