000016369 - Remediation for FLUSH+RELOAD Attack on RSA BSAFE

Document created by RSA Customer Support Employee on Jun 14, 2016
Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2

Article Content

Article Number: 000016369
Applies To: BSAFE C Toolkit, BSAFE Java Toolkit, x86 Processor
Cause

Flush+Reload is a potential cache side-channel attack that monitors access to data in shared pages.


The Flush+Reload attack is a variant of the Prime+Probe attack that relies on sharing pages between the attacker and the victim programs.  With shared pages, the attacker program can ensure that a specific memory line is evicted from the whole cache hierarchy.  The attacker uses this to monitor access to the memory line.


To exploit this vulnerability, the attacker must have access to the machine (in order to run a process), and the attack is only successful when the machine uses an Intel x86 processor.


For more information, refer to the document entitled "Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack".

Resolution

The BSAFE toolkits are not susceptible to the specific vulnerability described in CVE-2014-0076. However, after further investigation, it appears that the BSAFE toolkits may be vulnerable to a specially crafted attack that is similar to the Flush+Reload side-channel attack. At this time, there are no known workarounds or fixes for the BSAFE toolkits to mitigate any attack that might be similar to the Flush+Reload side-channel attack. RSA is targeting remediation of this issue in the CCME 4.5 and Crypto-J 6.2 releases and will update the support team periodically of any changes.

Legacy Article ID: a65295
