2,665 Hits in 5.5 sec

Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory

Daniel Gruss, Julian Lettner, Felix Schuster, Olga Ohrimenko, István Haller, Manuel Costa
2017 USENIX Security Symposium  
We address this problem with Cloak, a new technique that uses hardware transactional memory to prevent adversarial observation of cache misses on sensitive code and data.  ...  We show that Cloak provides strong protection against all known cache-based side-channel attacks with low performance overhead.  ...  Cloak enables the efficient retrofitting of existing algorithms with strong cache side-channel protection.  ... 
dblp:conf/uss/GrussLSOHC17 fatcat:uslqlslklzh33pn5hbb43isouu

Strongly Secure and Efficient Data Shuffle On Hardware Enclaves [article]

Ju Chen, Yuzhe Tang, Hao Zhou
2017 arXiv   pre-print
Mitigating memory-access attacks on the Intel SGX architecture is an important and open research problem.  ...  In the system building, we propose software techniques to prefetch memory data prior to the TSX transaction to defend the physical bus-tapping attacks.  ...  a dirty line means the line stay present in the cache, implying a cache hit upon a memory request. the untrusted OS. This work uses TSX for detecting cache-misses and for defending side-channel attacks.  ... 
arXiv:1711.04243v1 fatcat:duvcrbso3jf2lpfkobbuc7ybdm

Cape: compiler-aided program transformation for HTM-based cache side-channel defense

Rui Zhang, Michael D. Bond, Yinqian Zhang
2022 Proceedings of the 31st ACM SIGPLAN International Conference on Compiler Construction  
Prior work called Cloak leverages commodity hardware transactional memory (HTM) to protect sensitive data and code from cache side-channel attacks.  ...  This paper presents Cape, a compiler analysis and transformation that soundly and automatically protects programs from cache side-channel attacks using Cloak's defense.  ...  This work was supported by NSF grants XPS-1629126, CAREER-1253703, and CCF-1421612.  ... 
doi:10.1145/3497776.3517778 fatcat:emrlfxgmvfcwriyn5vo6e4m7y4

CURE: A Security Architecture with CUstomizable and Resilient Enclaves [article]

Raad Bahmani, Ferdinand Brasser, Ghada Dessouky, Patrick Jauernig, Matthias Klimmek, Ahmad-Reza Sadeghi, Emmanuel Stapf
2020 arXiv   pre-print
Third, their protection against cache side-channel attacks is either an afterthought or impractical, i.e., no fine-grained mapping between cache resources and individual enclaves is provided.  ...  We implemented CURE on a RISC-V-based SoC and thoroughly evaluated our prototype in terms of hardware and performance overhead.  ...  Acknowledgments We thank our anonymous reviewers for their valuable and constructive feedback. This work was funded by the Deutsche Forschungsgemeinschaft (DFG) -SFB 1119 -236615297.  ... 
arXiv:2010.15866v1 fatcat:fggaxnplzrejhiejnqeqpm3c2a

Hardware/Software Obfuscation against Timing Side-channel Attack on a GPU [article]

Elmira Karimi, Yunsi Fei, David Kaeli
2020 arXiv   pre-print
In this paper, a series of hardware/software countermeasures are proposed to obfuscate the memory timing side channel, making the GPU more resilient without impacting performance.  ...  As multiple concurrent GPU memory requests can refer to the same cache block, the coalescing unit collapses them into a single memory transaction.  ...  Therefore, to protect a GPU from a side-channel attack, we should try to reduce the SNR.  ... 
arXiv:2007.16175v1 fatcat:oyuvuw3kbffd5kb2mpzveuyb5y

Processor Hardware Security Vulnerabilities and their Detection by Unique Program Execution Checking [article]

Mohammad Rahmani Fadiheh, Dominik Stoffel, Clark Barrett, Subhasish Mitra, Wolfgang Kunz
2018 arXiv   pre-print
Recent discovery of security attacks in advanced processors, known as Spectre and Meltdown, has resulted in high public alertness about security of hardware.  ...  method called "Unique Program Execution Checking" which detects and locates vulnerabilities to covert channels systematically, including those to covert channels unknown so far.  ...  The reported research was partly supported by BMBF KMU-Innovativ 01IS17083C (Proforma) and by DARPA.  ... 
arXiv:1812.04975v1 fatcat:rlrjzmclinh43h72u6y3tt6la4

An Off-Chip Attack on Hardware Enclaves via the Memory Bus [article]

Dayeol Lee, Dongha Jung, Ian T. Fang, Chia-Che Tsai, Raluca Ada Popa
2019 arXiv   pre-print
We introduce three techniques, critical page whitelisting, cache squeezing, and oracle-based fuzzy matching algorithm to increase cache misses for memory accesses that are useful for the attack, with no  ...  First, DRAM requests are only visible on the memory bus at last-level cache misses.  ...  Acknowledgments We thank our shepherd, Daniel Genkin, and the anonymous reviewers for their insightful comments. We thank Krste Asanović and Martin Maas for sharing their ideas.  ... 
arXiv:1912.01701v1 fatcat:nj6kipl65zewtd4tn6x6p6gzse

Detecting Privileged Side-Channel Attacks in Shielded Execution with Déjà Vu

Sanchuan Chen, Xiaokuan Zhang, Michael K. Reiter, Yinqian Zhang
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
of transactional memory.  ...  For instance, it has been shown that by changing page table entries of memory pages used by shielded execution, a malicious OS kernel could observe memory page accesses from the execution and hence infer  ...  This research was supported in part by NSF grants 1330599 and 1566444.  ... 
doi:10.1145/3052973.3053007 dblp:conf/ccs/ChenZRZ17 fatcat:pmebfujv4nhfbb3bm3ncfmh4gu

Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features [article]

Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard
2017 arXiv   pre-print
We present the first generic technique based on hardware transactional memory, to eliminate double-fetch bugs in a fully automated and transparent manner.  ...  Double-fetch bugs are a special type of race condition, where an unprivileged execution thread is able to change a memory location between the time-of-check and time-of-use of a privileged execution thread  ...  [30] demonstrated that TSX can be used to protect against cache side-channel attacks in the cloud. Shih et al. [66] and Gruss et al.  ... 
arXiv:1711.01254v1 fatcat:gjvy55elprg4xjueslr2snjeia

Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features

Michael Schwarz, Daniel Gruss, Moritz Lipp, Clémentine Maurice, Thomas Schuster, Anders Fogh, Stefan Mangard
2018 Proceedings of the 2018 on Asia Conference on Computer and Communications Security - ASIACCS '18  
We present the first generic technique based on hardware transactional memory, to eliminate double-fetch bugs in a fully automated and transparent manner.  ...  Double-fetch bugs are a special type of race condition, where an unprivileged execution thread is able to change a memory location between the time-of-check and time-of-use of a privileged execution thread  ...  [29] demonstrated that TSX can be used to protect against cache side-channel attacks in the cloud. Shih et al. [66] and Gruss et al.  ... 
doi:10.1145/3196494.3196508 dblp:conf/ccs/0001GLMSFM18 fatcat:z6liqwtfq5durm6kfzx4qgws7i

Protecting Private Keys against Memory Disclosure Attacks Using Hardware Transactional Memory

Le Guan, Jingqiang Lin, Bo Luo, Jiwu Jing, Jing Wang
2015 2015 IEEE Symposium on Security and Privacy  
To the best of our knowledge, Mimosa is the first solution to use transactional memory to protect sensitive data against memory disclosure attacks.  ...  During the cryptographic computing, Mimosa uses hardware transactional memory (HTM) to ensure that (a) whenever a malicious process other than Mimosa attempts to read the plaintext private key, the transaction  ...  More importantly, timing and cache-based [1, 8, 13] side channels of AES implementations are eliminated by running in data-independent time.  ... 
doi:10.1109/sp.2015.8 dblp:conf/sp/GuanLLJW15 fatcat:rp7dvouiq5dozj4xqimcwkisqu

Malicious Management Unit: Why Stopping Cache Attacks in Software is Harder Than You Think

Stephan van Schaik, Cristiano Giuffrida, Herbert Bos, Kaveh Razavi
2018 USENIX Security Symposium  
side-channel attack.  ...  To demonstrate the viability of these attacks, we focus on the MMU, demonstrating that indirect cache attacks based on translation operations performed by the MMU are practical and can be used to bypass  ...  project and by the Netherlands Organisation for Scientific Research through grants NWO 639.023.309 VICI "Dowsing", NWO 639.021.753 VENI "PantaRhei", and NWO 629.002.204 "Parallax".  ... 
dblp:conf/uss/SchaikGBR18 fatcat:obv2gh5lbfby5mwhdgb42kpk4y

Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks

Ben Gras, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida
2018 USENIX Security Symposium  
project and by the Netherlands Organisation for Scientific Research through grants NWO 639.023.309 VICI "Dowsing", NWO 639.021.753 VENI "PantaRhei", and NWO 629.002.204 "Parallax".  ...  The research leading to these results has received funding from the European Union's Horizon 2020 Research and Innovation Programme, under Grant Agreement No. 786669 and was supported in part by the MAL-PAY  ...  Compromising Intel TSX We now want to assess whether TLBleed can compromise strong, hardware-based cache defenses that protect the cache activity of the victim with hardware transactional memory features  ... 
dblp:conf/uss/GrasRBG18 fatcat:wuxg6ilndnhdppn4kbekyjjwni

SoK: Hardware Security Support for Trustworthy Execution [article]

Lianying Zhao, He Shuang, Shengjie Xu, Wei Huang, Rongzhen Cui, Pushkar Bettadpur, David Lie
2019 arXiv   pre-print
This has given birth to a plethora of hardware mechanisms providing trusted execution environments (TEEs), support for integrity checking and memory safety and widespread uses of hardware roots of trust  ...  Hardware offers many advantages over pure software approaches: immutability of mechanisms to software attacks, better execution and power efficiency and a smaller interface allowing it to better maintain  ...  Side channels. The term side-channel attack originated from cryptography [69] .  ... 
arXiv:1910.04957v1 fatcat:5luczjg34ve67nm73xso5xhzx4

Shielding Software From Privileged Side-Channel Attacks

Xiaowan Dong, Zhuojia Shen, John Criswell, Alan L. Cox, Sandhya Dwarkadas
2018 USENIX Security Symposium  
This paper presents defenses against page table and last-level cache (LLC) side-channel attacks launched by a compromised OS kernel.  ...  Shielding systems such as InkTag, Haven, and Virtual Ghost protect sensitive application data from compromised OS kernels. However, such systems are still vulnerable to side-channel attacks.  ...  This work was supported by NSF Awards CNS-1319353, CNS-1618497, CNS-1618588, CNS-1629770, and CNS-1652280.  ... 
dblp:conf/uss/DongSCCD18 fatcat:3gvp7yemobcr3ps5v2im7jae5y
Showing results 1 — 15 out of 2,665 results