GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression
Yingchen Wang, Riccardo Paccagnella, Zhao Gang, Willy R. Vasquez, David Kohlbrenner, Hovav Shacham
IEEE Symposium on Security and Privacy 2024 · Day 3 · Continental Ballroom 5
The talk "GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression" by Yingchen Wang and colleagues introduces a novel and insidious form of side-channel attack that exploits hardware-based graphical data compression within modern GPUs. This work challenges long-held assumptions about the visibility and mitigability of compression side channels, revealing a new frontier for privacy and security vulnerabilities. Unlike traditional compression side channels, which typically target software-visible and well-documented compression algorithms, GPU.zip focuses on a type of compression that operates silently within the GPU's microarchitecture, is entirely transparent to software, and whose algorithms are proprietary and undocumented by vendors.
AI review
This is a critical piece of research exposing a fundamental, unaddressed hardware-level side channel in modern GPUs. The team's work reverse-engineering proprietary compression algorithms and demonstrating an end-to-end pixel-stealing attack bypassing SOP is top-tier. It highlights a "missing hardware-software contract" that demands immediate attention from vendors and security architects.