The Security Risks of Power Measurements in Multicores

Two of the main goals of power management in modern multicore processors are reducing the average power dissipation and delivering the maximum performance up to the physical limits of the system, when demanded. To achieve these goals, hardware manufacturers and operating system providers include sophisticated power and performance management systems, which require detailed information about the current processor state. For example, Intel processors offer the possibility to measure the power dissipation of the processor. In this work, we are evaluating whether such power measurements can be used to establish a covert channel between two isolated applications on the same system; the power covert channel. We present a detailed theoretical and experimental evaluation of the power covert channel on two platforms based on Intel processors. Our theoretical analysis is based on detailed modelling and allows us to derive a channel capacity bound for each platform. Moreover, we conduct an extensive experimental study under controlled, yet realistic, conditions. Our study shows, that the platform dependent channel capacities are in the order of 2000 bps and that it is possible to achieve throughputs of up to 1000 bps with a bit error probability of less than 15%, using a simple implementation. This illustrates the potential of leaking sensitive information and breaking a systems security framework using a covert channel based on power measurements.