Filters








1,044 Hits in 6.9 sec

Cache-Timing Attacks on RSA Key Generation

Alejandro Cabrera Aldaya, Cesar Pereida García, Luis Manuel Alvarez Tapia, Billy Bob Brumley
2019 Transactions on Cryptographic Hardware and Embedded Systems  
In this work, we propose a methodology to analyze security-critical software for side-channel insecure code path traversal.  ...  Exploiting one of these leaks, we design, implement, and mount a single trace cache-timing attack on the GCD computation step.  ...  This article is based in part upon work from COST Action IC1403 CRYPTACUS, supported by COST (European Cooperation in Science and Technology).  ... 
doi:10.13154/tches.v2019.i4.213-242 dblp:journals/tches/AldayaGTB19 fatcat:dpjhae2h5jeidnzkxybkwim2am

Managing confidentiality leaks through private algorithms on Software Guard eXtensions (SGX) enclaves

Kubilay Ahmet Küçük, David Grawrock, Andrew Martin
2019 EURASIP Journal on Information Security  
First, we provide a taxonomy and give an extensive understanding of trade-offs during secure enclave development.  ...  Many applications are built upon private algorithms, and executing them in untrusted, remote environments poses confidentiality issues.  ...  Acknowledgements We thank Sean Smith, II Ceylan, M Geden, K Kalkan, E Ucan, IM Tas, and B Sari for their helpful discussions and reviews.  ... 
doi:10.1186/s13635-019-0091-5 fatcat:53lwbanrpjhv7buzrrm73tcjr4

STACCO

Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang
2017 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17  
Particularly, we consider a category of side-channel attacks against SSL/TLS implementations in secure enclaves, which we call the control-flow inference attacks.  ...  To validate the detected vulnerabilities, we developed a man-in-the-kernel adversary to demonstrate Bleichenbacher attacks against the latest OpenSSL library running in the SGX enclave (with the help of  ...  Control-Flow Inference Attacks In previous work, it has been shown that SGX enclaves are vulnerable to a variety of side-channel attacks.  ... 
doi:10.1145/3133956.3134016 dblp:conf/ccs/XiaoLCZ17 fatcat:smeafct6pjhyzka23kxg57ej5e

Util::Lookup: Exploiting key decoding in cryptographic libraries [article]

Florian Sieck, Sebastian Berndt, Jan Wichelmann, Thomas Eisenbarth
2021 arXiv   pre-print
Implementations of cryptographic libraries have been scrutinized for secret-dependent execution behavior exploitable by microarchitectural side-channel attacks.  ...  We present a complete attack, including a broad library analysis, a high-resolution last level cache attack on SGX enclaves, and a fully parallelized implementation of the extend-and-prune approach that  ...  and constructive feedback.  ... 
arXiv:2108.04600v1 fatcat:2a4gjovzxbfezgvkmal66hrcju

V0LTpwn: Attacking x86 Processor Integrity from Software [article]

Zijo Kenjar, Tommaso Frassetto, David Gens, Michael Franz, and Ahmad-Reza Sadeghi
2019 arXiv   pre-print
In contrast to recently presented side-channel attacks that leverage vulnerable speculative execution, V0LTpwn is not limited to information disclosure, but allows adversaries to affect execution, and  ...  Fault-injection attacks have been proven in the past to be a reliable way of bypassing hardware-based security measures, such as cryptographic hashes, privilege and access permission enforcement, and trusted  ...  Hence, the attacker analyzes the target binary, in order to identify parts of the code most vulnerable to faults.  ... 
arXiv:1912.04870v1 fatcat:4bazs7ee65hlbd4d5dga63op7q

Leaky Cauldron on the Dark Land

Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A. Gunter
2017 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17  
Our findings reveal the gap between the ongoing security research on SGX and its side-channel weaknesses, redefine the side-channel threat model for secure enclaves, and can provoke a discussion on when  ...  In the paper, we report the first step toward systematic analyses of side-channel threats that SGX faces, focusing on the risks associated with its memory management.  ...  As a first step towards a complete understanding of all side-channel threats software vendors face, in this paper, we focus on memoryrelated side channels, which is an important, and arguably the most  ... 
doi:10.1145/3133956.3134038 pmid:30853868 pmcid:PMC6405214 fatcat:p7mol7zpszajzgrrhw2fi4osky

Composite Enclaves: Towards Disaggregated Trusted Execution [article]

Moritz Schneider, Aritra Dhar, Ivan Puddu, Kari Kostiainen, Srdjan Capkun
2021 arXiv   pre-print
We observe that the TEEs' hardware trusted computing base (TCB) is fixed at design time, which in practice leads to using untrusted software to employ peripherals in TEEs.  ...  Based on this observation, we propose composite enclaves with a configurable hardware and software TCB, allowing enclaves access to multiple computing and IO resources.  ...  Thanks to Kaveh Razavi and Shwetha Shinde for feedback on early versions of this paper.  ... 
arXiv:2010.10416v3 fatcat:do3jol7aajef3njawe4s4rbrgi

Composite Enclaves: Towards Disaggregated Trusted Execution

Moritz Schneider, Aritra Dhar, Ivan Puddu, Kari Kostiainen, Srdjan Čapkun
2021 Transactions on Cryptographic Hardware and Embedded Systems  
We observe that the TEEs' hardware trusted computing base (TCB) is fixed at design time, which in practice leads to using untrusted software to employ peripherals in TEEs.  ...  Based on this observation, we propose composite enclaves with a configurable hardware and software TCB, allowing enclaves access to multiple computing and IO resources.  ...  Thanks to Kaveh Razavi and Shwetha Shinde for feedback on early versions of this paper.  ... 
doi:10.46586/tches.v2022.i1.630-656 fatcat:rzbybefahvfind6cbbkjibshqa

Introduction to Hardware Security

Yier Jin
2015 Electronics  
To help researchers who have recently joined in this area better understand the challenges and tasks within the hardware security domain and to help both academia and industry investigate countermeasures  ...  and solutions to solve hardware security problems, we will introduce the key concepts of hardware security as well as its relations to related research topics in this survey paper.  ...  Acknowledgments This work was supported in part by the National Science Foundation grant (CNS-1319105). Conflicts of Interest The authors declare no conflict of interest.  ... 
doi:10.3390/electronics4040763 fatcat:njdmrvdogzc73mp4yun6rpnun4

Towards Memory Safe Python Enclave for Security Sensitive Computation [article]

Huibo Wang, Mingshen Sun, Qian Feng, Pei Wang, Tongxin Li, Yu Ding
2020 arXiv   pre-print
Therefore, Python application developers cannot benefit from secure enclaves like Intel SGX and rust-SGX.  ...  However, since enclave applications are developed with memory unsafe languages such as C/C++, traditional memory corruption is not eliminated in SGX.  ...  Side-channel attacks are orthogonal to the memory safety problem, so they are not in scope. Python-SGX will only focus on enabling application layer memory safety in SGX enclaves.  ... 
arXiv:2005.05996v1 fatcat:2zi4nkaruzhu5gonl6lf5v3yli

Practical Enclave Malware with Intel SGX [article]

Michael Schwarz, Samuel Weiser, Daniel Gruss
2019 arXiv   pre-print
Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves.  ...  In this work, we practically demonstrate the first enclave malware which fully and stealthily impersonates its host application.  ...  Researchers have practically demonstrated enclave spyware stealing confidential information via side channels [46] . Apart from side-channel attacks, Costan et al.  ... 
arXiv:1902.03256v1 fatcat:u2sxye4jqne4hogecfxsxjtepu

Attestation Transparency

Jethro G. Beekman, John L. Manferdelli, David Wagner
2016 Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security - ASIA CCS '16  
This is caused by a lack of guarantees about what is happening on the server side. As a worst case scenario, the service might be subjected to an insider attack.  ...  Internet services can provide a wealth of functionality, yet their usage raises privacy, security and integrity concerns for users.  ...  ACKNOWLEDGEMENTS We thank Jon McCune and our anonymous reviewers for their feedback.  ... 
doi:10.1145/2897845.2897895 dblp:conf/ccs/BeekmanMW16 fatcat:tfcnuuch2ramplztvrn2tglkyu

Protecting the stack with PACed canaries

Hans Liljestrand, Zaheer Gauhar, Thomas Nyman, Jan-Erik Ekberg, N. Asokan
2019 Proceedings of the 4th Workshop on System Software for Trusted Execution - SysTEX '19  
The enclave provides both integrity and confidentiality guarantees, even against the OS. Unfortunately, SGX is vulnerable to side-channel attacks.  ...  Due to such varied use, reference counters cannot be automatically identified and found without developer intervention.  ... 
doi:10.1145/3342559.3365336 dblp:conf/sosp/LiljestrandGNEA19 fatcat:nrvxdisehbau7kd3ojbkuhtxeu

Analysis of Trusted Execution Environment usage in Samsung KNOX

Ahmad Atamli-Reineh, Ravishankar Borgaonkar, Ranjbar A. Balisane, Giuseppe Petracca, Andrew Martin
2016 Proceedings of the 1st Workshop on System Software for Trusted Execution - SysTEX '16  
In order to mitigate the risks arising from such vulnerabilities, various techniques have been proposed to isolate the execution of sensitive code from the rest of the application and from other software  ...  , including vulnerabilities in other partitions of the same application.  ...  ACKNOWLEDGEMENT The authors would like to thank the editor and the anonymous reviewers for their constructive and generous feedback.  ... 
doi:10.1145/3007788.3007795 dblp:conf/middleware/Atamli-ReinehBB16 fatcat:qgob3wtqyfdipkxz4rtsmvefkq

A framework for application partitioning using trusted execution environments

Ahmad Atamli-Reineh, Andrew Paverd, Giuseppe Petracca, Andrew Martin
2017 Concurrency and Computation  
In order to mitigate the risks arising from such vulnerabilities, various techniques have been proposed to isolate the execution of sensitive code from the rest of the application and from other software  ...  , including vulnerabilities in other partitions of the same application.  ...  ACKNOWLEDGEMENT The authors would like to thank the editor and the anonymous reviewers for their constructive and generous feedback.  ... 
doi:10.1002/cpe.4130 fatcat:ojcrwrl5hnavpmb6g7xbnnqumy
« Previous Showing results 1 — 15 out of 1,044 results