A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Filters
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory
2017
USENIX Security Symposium
Preserved Fulltext
We address this problem with Cloak, a new technique that uses hardware transactional memory to prevent adversarial observation of cache misses on sensitive code and data. ...
We show that Cloak provides strong protection against all known cache-based side-channel attacks with low performance overhead. ...
Cloak enables the efficient retrofitting of existing algorithms with strong cache side-channel protection. ...
dblp:conf/uss/GrussLSOHC17
fatcat:uslqlslklzh33pn5hbb43isouu
Strongly Secure and Efficient Data Shuffle On Hardware Enclaves
[article]
2017
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Mitigating memory-access attacks on the Intel SGX architecture is an important and open research problem. ...
In the system building, we propose software techniques to prefetch memory data prior to the TSX transaction to defend the physical bus-tapping attacks. ...
a dirty line means the line stay present in the cache, implying a cache hit upon a memory request. the untrusted OS. is work uses TSX for detecting cache-misses and for defending side-channel a acks. ...
arXiv:1711.04243v1
fatcat:duvcrbso3jf2lpfkobbuc7ybdm
Cape: compiler-aided program transformation for HTM-based cache side-channel defense
2022
Proceedings of the 31st ACM SIGPLAN International Conference on Compiler Construction
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Prior work called Cloak leverages commodity hardware transactional memory (HTM) to protect sensitive data and code from cache side-channel attacks. ...
This paper presents Cape, a compiler analysis and transformation that soundly and automatically protects programs from cache side-channel attacks using Cloak's defense. ...
This work was supported by NSF grants XPS-1629126, CAREER-1253703, and CCF-1421612. ...
doi:10.1145/3497776.3517778
fatcat:emrlfxgmvfcwriyn5vo6e4m7y4
CURE: A Security Architecture with CUstomizable and Resilient Enclaves
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Third, their protection against cache side-channel attacks is either an afterthought or impractical, i.e., no fine-grained mapping between cache resources and individual enclaves is provided. ...
We implemented CURE on a RISC-V-based SoC and thoroughly evaluated our prototype in terms of hardware and performance overhead. ...
Acknowledgments We thank our anonymous reviewers for their valuable and constructive feedback. This work was funded by the Deutsche Forschungsgemeinschaft (DFG) -SFB 1119 -236615297. ...
arXiv:2010.15866v1
fatcat:fggaxnplzrejhiejnqeqpm3c2a
Hardware/Software Obfuscation against Timing Side-channel Attack on a GPU
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In this paper, a series of hardware/software countermeasures are proposed to obfuscate the memory timing side channel, making the GPU more resilient without impacting performance. ...
As multiple concurrent GPU memory requests can refer to the same cache block, the coalescing unit collapses them into a single memory transaction. ...
Therefore, to protect a GPU from a side-channel attack, we should try to reduce the SNR. ...
arXiv:2007.16175v1
fatcat:oyuvuw3kbffd5kb2mpzveuyb5y
Processor Hardware Security Vulnerabilities and their Detection by Unique Program Execution Checking
[article]
2018
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Recent discovery of security attacks in advanced processors, known as Spectre and Meltdown, has resulted in high public alertness about security of hardware. ...
method called "Unique Program Execution Checking" which detects and locates vulnerabilities to covert channels systematically, including those to covert channels unknown so far. ...
The reported research was partly supported by BMBF KMU-Innovativ 01IS17083C (Proforma) and by DARPA. ...
arXiv:1812.04975v1
fatcat:rlrjzmclinh43h72u6y3tt6la4
An Off-Chip Attack on Hardware Enclaves via the Memory Bus
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We introduce three techniques, critical page whitelisting, cache squeezing, and oracle-based fuzzy matching algorithm to increase cache misses for memory accesses that are useful for the attack, with no ...
First, DRAM requests are only visible on the memory bus at last-level cache misses. ...
Acknowledgments We thank our shepherd, Daniel Genkin, and the anonymous reviewers for their insightful comments. We thank Krste Asanović and Martin Maas for sharing their ideas. ...
arXiv:1912.01701v1
fatcat:nj6kipl65zewtd4tn6x6p6gzse
Detecting Privileged Side-Channel Attacks in Shielded Execution with Déjà Vu
2017
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
of transactional memory. ...
For instance, it has been shown that by changing page table entries of memory pages used by shielded execution, a malicious OS kernel could observe memory page accesses from the execution and hence infer ...
This research was supported in part by NSF grants 1330599 and 1566444. ...
doi:10.1145/3052973.3053007
dblp:conf/ccs/ChenZRZ17
fatcat:pmebfujv4nhfbb3bm3ncfmh4gu
Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features
[article]
2017
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We present the first generic technique based on hardware transactional memory, to eliminate double-fetch bugs in a fully automated and transparent manner. ...
Double-fetch bugs are a special type of race condition, where an unprivileged execution thread is able to change a memory location between the time-of-check and time-of-use of a privileged execution thread ...
[30] demonstrated that TSX can be used to protect against cache side-channel attacks in the cloud. Shih et al. [66] and Gruss et al. ...
arXiv:1711.01254v1
fatcat:gjvy55elprg4xjueslr2snjeia
Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features
2018
Proceedings of the 2018 on Asia Conference on Computer and Communications Security - ASIACCS '18
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We present the first generic technique based on hardware transactional memory, to eliminate double-fetch bugs in a fully automated and transparent manner. ...
Double-fetch bugs are a special type of race condition, where an unprivileged execution thread is able to change a memory location between the time-of-check and time-of-use of a privileged execution thread ...
[29] demonstrated that TSX can be used to protect against cache side-channel attacks in the cloud. Shih et al. [66] and Gruss et al. ...
doi:10.1145/3196494.3196508
dblp:conf/ccs/0001GLMSFM18
fatcat:z6liqwtfq5durm6kfzx4qgws7i
Protecting Private Keys against Memory Disclosure Attacks Using Hardware Transactional Memory
2015
2015 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
To the best of our knowledge, Mimosa is the first solution to use transactional memory to protect sensitive data against memory disclosure attacks. ...
During the cryptographic computing, Mimosa uses hardware transactional memory (HTM) to ensure that (a) whenever a malicious process other than Mimosa attempts to read the plaintext private key, the transaction ...
More importantly, timing and cache-based [1, 8, 13] side channels of AES implementations are eliminated by running in dataindependent time. ...
doi:10.1109/sp.2015.8
dblp:conf/sp/GuanLLJW15
fatcat:rp7dvouiq5dozj4xqimcwkisqu
Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think
2018
USENIX Security Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
side-channel attack. ...
To demonstrate the viability of these attacks, we focus on the MMU, demonstrating that indirect cache attacks based on translation operations performed by the MMU are practical and can be used to bypass ...
project and by the Netherlands Organisation for Scientific Research through grants NWO 639.023.309 VICI "Dowsing", NWO 639.021.753 VENI "PantaRhei", and NWO 629.002.204 "Parallax". ...
dblp:conf/uss/SchaikGBR18
fatcat:obv2gh5lbfby5mwhdgb42kpk4y
Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks
2018
USENIX Security Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
project and by the Netherlands Organisation for Scientific Research through grants NWO 639.023.309 VICI "Dowsing", NWO 639.021.753 VENI "PantaRhei", and NWO 629.002.204 "Parallax". ...
The research leading to these results has received funding from the European Union's Horizon 2020 Research and Innovation Programme, under Grant Agreement No. 786669 and was supported in part by the MAL-PAY ...
Compromising Intel TSX We now want to assess whether TLBleed can compromise strong, hardware-based cache defenses that protect the cache activity of the victim with hardware transactional memory features ...
dblp:conf/uss/GrasRBG18
fatcat:wuxg6ilndnhdppn4kbekyjjwni
SoK: Hardware Security Support for Trustworthy Execution
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
This has given birth to a plethora of hardware mechanisms providing trusted execution environments (TEEs), support for integrity checking and memory safety and widespread uses of hardware roots of trust ...
Hardware offers many advantages over pure software approaches: immutability of mechanisms to software attacks, better execution and power efficiency and a smaller interface allowing it to better maintain ...
Side channels. The term side-channel attack originated from cryptography [69] . ...
arXiv:1910.04957v1
fatcat:5luczjg34ve67nm73xso5xhzx4
Shielding Software From Privileged Side-Channel Attacks
2018
USENIX Security Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
This paper presents defenses against page table and last-level cache (LLC) side-channel attacks launched by a compromised OS kernel. ...
Shielding systems such as InkTag, Haven, and Virtual Ghost protect sensitive application data from compromised OS kernels. However, such systems are still vulnerable to side-channel attacks. ...
This work was supported by NSF Awards CNS-1319353, CNS-1618497, CNS-1618588, CNS-1629770, and CNS-1652280. ...
dblp:conf/uss/DongSCCD18
fatcat:3gvp7yemobcr3ps5v2im7jae5y
« Previous
Showing results 1 — 15 out of 2,665 results