The "Prime+Probe" technique is a cache side-channel attack method that detects which cache sets the target accesses and uses those access patterns to infer potentially valuable information, according to a research paper published by Ben-Gurion University of the Negev, the University of Adelaide and the University of Michigan. The researchers have successfully tested this technique on a wide range of platforms, including Apple’s recently introduced M1 chip.
The technique is architecturally agnostic, "resulting in microarchitectural website fingerprinting attacks that work across hardware platforms, including Intel Core, AMD Ryzen, Samsung Exynos, and Apple M1 architectures," the researchers state.
The researchers evaluated their technique in hardened browser environments, including the Tor browser, DeterFox and Chrome Zero, and confirmed that none of these approaches defended against their attacks.
"We further argue that the protections of Chrome Zero need to be more comprehensively applied, and that the performance and user experience of Chrome Zero will be severely degraded if this approach is taken," the researchers note.
The researchers shared a draft of their paper with the product security teams of Intel, AMD, Apple, Chrome and Mozilla prior to publication.
"We show that advanced variants of the cache contention attack allow Prime+Probe attacks to be mounted through the browser in extremely constrained situations," the researchers state. "Cache attacks cannot be prevented by reduced timer resolution, by the abolition of timers, threads, or arrays, or even by completely disabling scripting support. This implies that any secret-bearing process which shares cache resources with a browser connecting to untrusted websites is potentially at risk of exposure."
In June 2020, researchers from Ben-Gurion University of the Negev and the Weizmann Institute of Science in Israel described another side-channel attack technique that could enable hackers to eavesdrop on a conversation by tracking vibrations in a hanging lightbulb (see: Hackers Can Use Lightbulbs to Eavesdrop: Study).
The technique, which the researchers call "Lamphone," works by intercepting the vibrations in a hanging lightbulb caused by the changing air pressure created by sound.