Filters








2,290 Hits in 4.4 sec

A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography [article]

Xiaoxuan Lou, Tianwei Zhang, Jun Jiang, Yinqian Zhang
2021 arXiv   pre-print
Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems.  ...  In this paper, we systematize microarchitectural side channels with a focus on attacks and defenses in cryptographic applications.  ...  More analyses of secure cache architectures have been done using computation tree logic [56] , three-step model [57] , attack graphs [203] , and neural networks [237] .  ... 
arXiv:2103.14244v1 fatcat:u35eyivqbngplfa4qrswfsqqti

KLEESPECTRE: Detecting Information Leakage through Speculative Cache Attacks via Symbolic Execution [article]

Guanhua Wang, Sudipta Chattopadhyay, Arnab Kumar Biswas, Tulika Mitra, Abhik Roychoudhury
2019 arXiv   pre-print
Our tool KLEESPECTRE, built on top of the KLEE symbolic execution engine, can thus provide a testing engine to check for the data leakage through cache side-channel as shown via Spectre attacks.  ...  Spectre attacks disclosed in early 2018 expose data leakage scenarios via cache side channels.  ...  Cache modeling in KLEESPECTRE : KLEESPECTRE computes the set of memory access sequences that are potentially vulnerable to a cache side-channel attack.  ... 
arXiv:1909.00647v1 fatcat:uq7yxwxrsvgw3poqee77lspfhe

Statistical Model Checking for Hyperproperties [article]

Yu Wang, Siddhartha Nalluri, Borzoo Bonakdarpour, Miroslav Pajic
2020 arXiv   pre-print
To show the effectiveness of our technique, we evaluate our SMC algorithms on four case studies focused on information security: timing side-channel vulnerability in encryption, probabilistic anonymity  ...  Unlike exhaustive model checking, SMC works based on drawing samples from the system at hand and evaluate the specification with statistical confidence.  ...  Side-channel Vulnerability Timing side-channel attacks are possible if an attacker can infer the secret values, which are set at the second step of an execution, by observing the execution time of a program  ... 
arXiv:1902.04111v5 fatcat:fgunbs5r4ndjphxmhjguuo6ram

Security-first architecture: deploying physically isolated active security processors for safeguarding the future of computing

Dan Meng, Rui Hou, Gang Shi, Bibo Tu, Aimin Yu, Ziyuan Zhu, Xiaoqi Jia, Peng Liu
2018 Cybersecurity  
The Active Security Processors are provided with dedicated channels to access all the resources of the Computation Processors but not vice versa.  ...  Some vulnerabilities are difficult to remove without significant performance impact because performance and security can be conflicting with each other.  ...  First, cache is often the target of attacks. Exploiting the time difference between cache miss and hit, side channel attacks (Liu et al. 2015) can successfully speculate code paths.  ... 
doi:10.1186/s42400-018-0001-z fatcat:o5bmborpbzffnerexmsja4bwvu

PoisonIvy: Safe speculation for secure memory

Tamara Silbergleit Lehman, Andrew D. Hilton, Benjamin C. Lee
2016 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO)  
This work presents PoisonIvy, a mechanism which speculatively uses data before its integrity has been verified while preserving security and closing address-based side-channels.  ...  Encryption and integrity trees guard against physical attacks, but harm performance.  ...  PoisonIvy protects against this new timing side-channel attack with a Timing Poison (TP) bit.  ... 
doi:10.1109/micro.2016.7783741 dblp:conf/micro/LehmanHL16 fatcat:vsdc4murjrazxnqefzuko3a3bu

A Survey on Hardware Vulnerability Analysis Using Machine Learning

Zhixin Pan, Prabhat Mishra
2022 IEEE Access  
Specifically, we discuss how existing approaches effectively utilize machine learning algorithms for hardware security verification using simulation-based validation, formal verification as well as side-channel  ...  A typical SoC consists of diverse components gathered from third-party vendors to reduce SoC design cost and meet time-to-market constraints.  ...  An example cache-based side channel attack.  ... 
doi:10.1109/access.2022.3173287 fatcat:yri7ggwdnjffzmpgojiuvr54ta

New models of cache architectures characterizing information leakage from cache side channels

Tianwei Zhang, Ruby B. Lee
2014 Proceedings of the 30th Annual Computer Security Applications Conference on - ACSAC '14  
In this paper, we propose a novel method to evaluate a system's vulnerability to side-channel attacks. We establish side-channel leakage models based on the non-interference property.  ...  We use mutual information to quantitatively reveal potential side-channel leakage of the architectures, and allow comparison of these architectures for their relative vulnerabilities to side-channel attacks  ...  , and using a model-checking tool for quantitative characterization of the systems' side-channel vulnerabilities; • Verifying our cache security models and their relative side-channel vulnerabilities with  ... 
doi:10.1145/2664243.2664273 dblp:conf/acsac/ZhangL14 fatcat:b5bdogfuejcwfoesfbdxqgl4mu

Lucky 13 Strikes Back

Gorka Irazoqui, Mehmet Sinan Inci, Thomas Eisenbarth, Berk Sunar
2015 Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS '15  
In fact, the new side channel is significantly more accurate, thus yielding a much more effective attack. We briefly survey prominent cryptographic libraries for this vulnerability.  ...  Our version of the attack exploits distinguishable cache access times enabled by VM deduplication to detect dummy function calls that only happen in case of an incorrectly CBC-padded TLS packet.  ...  Cache Side channel attacks. Cache based side channel attacks have been widely studied over the last two decades.  ... 
doi:10.1145/2714576.2714625 dblp:conf/ccs/ApececheaIES15 fatcat:wdfl4jazofas7j5vp2chs7jjcq

Side-Channel Evaluation Methodology on Software

Sylvain Guilley, Khaled Karray, Thomas Perianin, Ritu-Ranjan Shrivastwa, Youssef Souissi, Sofiane Takarabt
2020 Cryptography  
Many certification schemes, such as Common Criteria and FIPS 140, continue without addressing side-channel flaws.  ...  Cryptographic implementations need to be robust amidst the widespread use of crypto-libraries and attacks targeting their implementation, such as side-channel attacks (SCA).  ...  Introduction Many papers deal with side-channel attacks ( [1] [2] [3] [4] ).  ... 
doi:10.3390/cryptography4040027 fatcat:cmdy3ij6nzgrpe3b6avfvjwniq

Authenticated storage using small trusted hardware

Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, Srinivas Devadas
2013 Proceedings of the 2013 ACM workshop on Cloud computing security workshop - CCSW '13  
Our design achieves high performance by parallelizing server-side authentication operations and permitting the untrusted server to maintain caches and schedule disk writes, while enforcing precise crash  ...  A major security concern with outsourcing data storage to thirdparty providers is authenticating the integrity and freshness of data.  ...  memory (the tree cache), in which the data stored is vulnerable to power loss.  ... 
doi:10.1145/2517488.2517494 dblp:conf/ccs/YangCZD13 fatcat:jzxoep3dzvbjdovtsvr72zoari

Implementation of a Memory Disclosure Attack on Memory Deduplication of Virtual Machines

Kuniyasu SUZAKI, Kengo IIJIMA, Toshiki YAGI, Cyrille ARTHO
2013 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
This paper indicates that the attack includes implementation issues caused by memory alignment, self-reflection between page cache and heap, and run-time modification (swap-out, anonymous pages, ASLR,  ...  The covert channel is a difference in write access time on deduplicated memory pages that are re-created by Copy-On-Write, but it has some interferences caused by execution environments.  ...  The cross-VM side channel attack monitors behavior of the shared cache.  ... 
doi:10.1587/transfun.e96.a.215 fatcat:3ul2z334gjha5aitrldqrp7zsa

Hardware and Security [chapter]

Gedare Bloom, Eugen Leontie, Bhagirath Narahari, Rahul Simha
2012 Handbook on Securing Cyber-Physical Critical Infrastructure  
Side-channel analysis performs well against large modifications, but small Trojan circuits can hide in the noise of the side-channel.  ...  A dedicated hardware accelerator for cryptographic primitives can outperform most software implementations and can reduce the likelihood of side-channel vulnerabilities.  ... 
doi:10.1016/b978-0-12-415815-3.00012-1 fatcat:usk6j5webjdytjmtjublkukjve

Memory deduplication as a threat to the guest OS

Kuniyasu Suzaki, Kengo Iijima, Toshiki Yagi, Cyrille Artho
2011 Proceedings of the Fourth European Workshop on System Security - EUROSEC '11  
Such an attack takes advantage of a difference in write access times on deduplicated memory pages that are re-created by Copy-On-Write.  ...  It is effective on environments that run many virtual machines with the same operating system.  ...  That cross-VM side channel attack also has strong restrictions, but it only accesses the physical cache assigned to a VM.  ... 
doi:10.1145/1972551.1972552 dblp:conf/eurosec/SuzakiIYA11 fatcat:ehnexy3mfbbudpxrd4ymotawna

The DEEPSEC Prover [chapter]

Vincent Cheval, Steve Kremer, Itsaka Rakotonirina
2018 Lecture Notes in Computer Science  
We performed experiments with and without this optimisation: for example, protocols requiring more than 12 h of computation time without POR can be verified in less than a second.  ...  The use of symbolic verification techniques, in the line of the seminal work by Dolev and Yao [19] , has proven its worth in discovering logical vulnerabilities or proving their absence.  ... 
doi:10.1007/978-3-319-96142-2_4 fatcat:vv7xzkd7mzekngvefueu2ihp24

PASCAL: Timing SCA Resistant Design and Verification Flow [article]

Xinhui Lai, Maksim Jenihhin, Jaan Raik, Kolin Paul
2020 arXiv   pre-print
We propose an approach/flow-PASCAL-that works on RTL designs and discovers potential Timing Side-Channel Attack(SCA) vulnerabilities in them.  ...  The insertion of a lightweight Compensator Block as balancing or compliance FSM removes the timing channel with minimum modifications to the design with no impact on the clock cycle time or combinational  ...  Deng et. al. have proposed a Computation Tree Logic to model execution paths of the processor cache logic and derive formulas for paths that can lead to timing side-channel vulnerabilities [10] .  ... 
arXiv:2002.11108v2 fatcat:2q4grzutfbh2zjr7yvd53oslpi
« Previous Showing results 1 — 15 out of 2,290 results